Skip to content

Commit

Permalink
Revert elastic#1440 new endpoint promotion rule (elastic#1470)
Browse files Browse the repository at this point in the history 
* Revert elastic#1440 new endpoint promotion rule
* Set the updated_at date
  • Loading branch information
@rw-access
rw-access authored Sep 3, 2021
1 parent 7710e2b commit c9d6527
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 72 deletions.
5 changes: 2 additions & 3 deletions rules/integrations/endpoint/elastic_endpoint_security.toml
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
[metadata]
creation_date = "2020/07/08"
maturity = "production"
updated_date = "2021/08/25"
integration = "endpoint"
updated_date = "2021/09/03"

[rule]
author = ["Elastic"]
Expand All @@ -26,7 +25,7 @@ timestamp_override = "event.ingested"
type = "query"

query = '''
event.kind:alert and event.module:(endpoint and not endgame) and not event.code: behavior
event.kind:alert and event.module:(endpoint and not endgame)
'''


Expand Down
69 changes: 0 additions & 69 deletions rules/integrations/endpoint/elastic_endpoint_security_behavior_protection.toml
View file

This file was deleted.

0 comments on commit c9d6527

Please sign in to comment.