Rule tuning

rules-noisy/PowershellOperational/4104_T1059_PowershellExecutionRemoteCommand.yml

@@ -2,8 +2,7 @@ title: PowerShell Execution Remote Command
 title_jp: Powershellのリモートコマンドの実行
 description: Powershell command executed remotely.
 description_jp: Powershell command executed remotely.
-author: Eric Conrad
-contributor: Zach Mathis
+author: Eric Conrad, Zach Mathis
 mitre_attack: T1059
 level: medium
 detection:
@@ -15,7 +14,7 @@ detection:
     # condition: selection
 falsepositives:
     - normal system usage
-output: 'Command = %ScriptBlockText%'
-output: 'コマンド = %ScriptBlockText%'
+output: 'Command: %ScriptBlockText%'
+output: 'コマンド: %ScriptBlockText%'
 creation_date: 2020/11/08
 updated_date:  2021/11/06