Closed ar3diu closed 2 months ago
❌ Author of the following commits did not sign a Contributor Agreement: 8c851af8cc0a0a005201f8158e8c284fcb1309a4
Please, read and sign the above mentioned agreement if you want to contribute to this project
@ar3diu Can you confirm you signed the CLA with the same email account that you used to commit for this PR? Also can you update the date in the rule?
@ar3diu IINM the reason why it's failing is cause there is a commit from user Andrei Rediu
which is different from ar3diu
.
@Mikaayenson
So what should I do now? I already signed the CLA for both usernames.
Issues
https://github.com/elastic/detection-rules/issues/3756
Summary
I added another process executable path in one of the exclusions:
"?:\\Windows\\System32\\WerFaultSecure.exe"
. The rule was triggered in a production environment for this exact executable and.dmp
files that are already included in the query.Contributor checklist