From 5835d86b0bcc1a8ac6cf7654080a3e6d7524c948 Mon Sep 17 00:00:00 2001
From: lord-garmadon <82653198+lord-garmadon@users.noreply.github.com>
Date: Fri, 16 Apr 2021 13:16:48 +0200
Subject: [PATCH 1/2] Corrected event name for Event ID 23
Changed from ClipboardChange to FileDelete
---
sysmonconfig-export.xml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/sysmonconfig-export.xml b/sysmonconfig-export.xml
index f4acf26..6e1fe69 100644
--- a/sysmonconfig-export.xml
+++ b/sysmonconfig-export.xml
@@ -1110,8 +1110,8 @@
@@ -1156,4 +1156,4 @@
-
\ No newline at end of file
+
From edc4056f4ff0ae2c3b5eb72f1ccb6147ca683984 Mon Sep 17 00:00:00 2001
From: lord-garmadon <82653198+lord-garmadon@users.noreply.github.com>
Date: Fri, 16 Apr 2021 13:21:41 +0200
Subject: [PATCH 2/2] Add missing rule group to Event ID 15
---
sysmonconfig-export.xml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/sysmonconfig-export.xml b/sysmonconfig-export.xml
index 6e1fe69..3e464b7 100644
--- a/sysmonconfig-export.xml
+++ b/sysmonconfig-export.xml
@@ -781,6 +781,7 @@
+
Downloads
Temp\7z
@@ -799,6 +800,7 @@
.vbe
.vbs
+