@@ -324,22 +324,22 @@ Description: The field should specify the name of the SIEM/EDR/XDR in the approp
324324
325325Possible Values:
326326
327- - ` sentinel-kql-query `
328- - ` sentinel-kql-rule `
329- - ` splunk-spl-query `
330- - ` splunk-spl-rule `
331- - ` crowdstrike-spl-query `
332- - ` elastic-lucene-query `
333- - ` elastic-lucene-rule `
334- - ` opensearch-lucene-query `
335- - ` logscale-lql-query `
336- - ` logscale-lql-rule `
337- - ` mde-kql-query `
338- - ` qradar-aql-query `
339- - ` sigma-yml-rule `
340- - ` athena-sql-query `
341- - ` chronicle-yaral-query `
342- - ` chronicle-yaral-rule `
327+ - ` sentinel-kql-query ` for Microsoft Sentinel Query
328+ - ` sentinel-kql-rule ` for Microsoft Sentinel Rule
329+ - ` splunk-spl-query ` for Splunk Query
330+ - ` splunk-spl-rule ` for Splunk Alert
331+ - ` crowdstrike-spl-query ` for CrowdStrike Query
332+ - ` elastic-lucene-query ` for Elasticsearch Query
333+ - ` elastic-lucene-rule ` for Elasticsearch Rule
334+ - ` opensearch-lucene-query ` for AWS OpenSearch Query
335+ - ` logscale-lql-query ` for Falcon LogScale Query
336+ - ` logscale-lql-rule ` for Falcon LogScale Rule
337+ - ` mde-kql-query ` for Microsoft Defender for Endpoint Query
338+ - ` qradar-aql-query ` for IBM QRadar Query
339+ - ` sigma-yml-rule ` for Sigma Rule
340+ - ` athena-sql-query ` for WS Athena Query (Security Lake)
341+ - ` chronicle-yaral-query ` for Chronicle Security Query
342+ - ` chronicle-yaral-rule ` for Chronicle Security Rule
343343
344344Example: ` language: splunk-spl-query `
345345
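Review bot: the description added for `athena-sql-query` reads "for WS Athena Query (Security Lake)", which drops the "A" in "AWS"; it should read "for AWS Athena Query (Security Lake)", consistent with the "AWS OpenSearch Query" wording two lines above. While touching the same list, consider the `-rule` suffix wording: every other platform describes it as "Rule" but Splunk's is "Alert" (`splunk-spl-rule` for Splunk Alert); either use "Rule" throughout or say once, in the description above the list, that `-rule` maps to each product's own term for a saved detection (alert, analytics rule, detection rule), so users do not wonder whether `splunk-spl-rule` is a different kind of artifact.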