title: This service may not function properly
description: hogehoge
enabled: true
author: Yea
logsource: 
    product: windows
detection:
    selection:
        Channel: System
        EventID: 7030
        param1:
            regexes: ./regexes.txt
    # condition: selection
falsepositives:
    - unknown
level: low
output: 'Interactive service warning¥nService name: %ServiceName%¥nMalware (and some third party software) trigger this warning'
creation_date: 2020/11/8
uodated_date: 2020/11/8