CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
034f9c0957aea6c623ea8a7dd633312ebfb2bb33
hayabusa/rules/timeline-rules/Logons/4769-Kerberos-Service-Ticket-Request.yml
T
Tanaka Zakku bad4429ad0 Rule tuning
2021-11-18 10:31:28 +09:00

14 lines
396 B
YAML
Raw Blame History

title: Kerberos Service Ticket Requested
description: Prints logon information
author: Zach Mathis
level: informational
detection:
selection:
Channel: Security
EventID: 4769
falsepositives:
- normal system usage
output: 'User: %TargetUserName% : Service: %ServiceName% : IP Address: %IpAddress% : Status: %Status%'
creation_date: 2021/11/17
updated_date: 2021/11/17
Reference in New Issue View Git Blame Copy Permalink