honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] Remove unneeded word in EQL docs

This commit is contained in:
James Rodewig 2020-10-13 13:56:56 -04:00
parent 086df0636e
commit 8455cf8ff0
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
docs/reference/eql/detect-threats-with-eql.asciidoc
View File

@ -5,10 +5,10 @@
beta::[] beta::[]
This example tutorial shows you how you can use EQL to detect security threats This example tutorial shows how you can use EQL to detect security threats and
and other suspicious behavior. In the scenario, you're tasked with detecting other suspicious behavior. In the scenario, you're tasked with detecting
https://attack.mitre.org/techniques/T1218/010/[regsvr32 misuse] in Windows https://attack.mitre.org/techniques/T1218/010/[regsvr32 misuse] in Windows event
event logs. logs.
`regsvr32.exe` is a built-in command-line utility used to register `.dll` `regsvr32.exe` is a built-in command-line utility used to register `.dll`
libraries in Windows. As a native tool, `regsvr32.exe` has a trusted status in libraries in Windows. As a native tool, `regsvr32.exe` has a trusted status in