clong
commented
4 years ago - Rename lookups/sysmonevencodes.csv → lookups/sysmoneventcodes.csv
- Consistently address the lookup file in props.conf
Closed clong closed 4 years ago
clong
commented
4 years ago 
olafhartong
commented
4 years ago Thanks Chris! I seem to have pushed a bad config set :( apologies for that I've decided to alter it even more, since the reliance on the sysmon TA is already there I got rid of the lookup entirely
olafhartong
commented
4 years ago I was stupid in my own changes, adopting this one with minor changes. Thanks man