honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

[DOCS] EQL: Use consistent string notation (#62472) (#62477)

This commit is contained in:
James Rodewig 2020-09-16 11:43:37 -04:00 committed by GitHub
parent 8a2e9e66d4
commit f347f0207f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
docs/reference/eql/detect-threats-with-eql.asciidoc
View File

@ -299,8 +299,8 @@ GET /my-index-000001/_eql/search
{
"query": """
sequence by process.pid
[process where process.name == 'regsvr32.exe']
[library where dll.name == 'scrobj.dll']
[process where process.name == "regsvr32.exe"]
[library where dll.name == "scrobj.dll"]
[network where true]
"""
}