1 file changed, +0 -5 lines changed
@@ -325,21 +325,16 @@ Description: The field should specify the name of the SIEM/EDR/XDR in the approp
325325Possible Values:
326326
327327- ` sentinel-kql-query ` for Microsoft Sentinel Query
328- - ` sentinel-kql-rule ` for Microsoft Sentinel Rule
329328- ` splunk-spl-query ` for Splunk Query
330- - ` splunk-spl-rule ` for Splunk Alert
331329- ` crowdstrike-spl-query ` for CrowdStrike Query
332330- ` elastic-lucene-query ` for Elasticsearch Query
333- - ` elastic-lucene-rule ` for Elasticsearch Rule
334331- ` opensearch-lucene-query ` for AWS OpenSearch Query
335332- ` logscale-lql-query ` for Falcon LogScale Query
336- - ` logscale-lql-rule ` for Falcon LogScale Rule
337333- ` mde-kql-query ` for Microsoft Defender for Endpoint Query
338334- ` qradar-aql-query ` for IBM QRadar Query
339335- ` sigma-yml-rule ` for Sigma Rule
340336- ` athena-sql-query ` for WS Athena Query (Security Lake)
341337- ` chronicle-yaral-query ` for Chronicle Security Query
342- - ` chronicle-yaral-rule ` for Chronicle Security Rule
343338
344339Example: ` language: splunk-spl-query `
345340
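Review bot: The five removed values (` sentinel-kql-rule `, ` splunk-spl-rule `, ` elastic-lucene-rule `, ` logscale-lql-rule `, ` chronicle-yaral-rule `) are dropped from "Possible Values" with no migration or deprecation note, so any existing entry that sets `language` to one of them no longer matches a documented value. Add a line under the list saying which `-query` value replaces each removed `-rule` value, or that rule-type content is no longer accepted. Also state whether ` sigma-yml-rule ` is kept on purpose, since it is now the only `-rule` value left in the list. While this list is being touched, the unchanged line ` athena-sql-query ` reads "WS Athena Query (Security Lake)", which looks like a typo for "AWS Athena" given the "AWS OpenSearch" entry above it.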