You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
@@ -59,7 +59,7 @@ Additionally you can parse raw events and convert it to rule using [converter](h
| key | values |
| --- | --- |
|`enabled`| If the value is set to `true` the event will be written. If it's set to `false` just ignore the rule. |
|`source`|The source of the events. (Working on more supported sources...)<br>`Sysmon`<br>`PowerShell`|
|`source`|`Sysmon`<br>`PowerShell`|
|`category`| For each source there are a list of different categories that can be specified. |
|`description`| A simple rule description. |
|`payload`| These are the values that will be added to the event. If you don't indicate a specific payload the event will contain the values of the default configuration files located on `conf`. |
