Closed OutpostSecurity closed 3 years ago
Updated match_type entries with space to match Splunk spec. Also added WILDCARD(event_type) to [registry_whitelist] which seemed to be breaking it from working properly.
Updated match_type entries with space to match Splunk spec. Also added WILDCARD(event_type) to [registry_whitelist] which seemed to be breaking it from working properly.