Could not compile rule #5025
Assignees
Labels
False-Positive
Issue reporting a false positive with one of the rules
Comments
TheDudeasap
added
the
False-Positive
|
Welcome @TheDudeasap 👋 It looks like this is your first issue on the Sigma rules repository! The following repository accepts issues related to If you're reporting an issue related to the pySigma library please consider submitting it here If you're reporting an issue related to the deprecated sigmac library please consider submitting it here Thanks for taking the time to open this issue, and welcome to the Sigma community! 😃 |
|
Responded to your issue on pysigma. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Rule UUID
f01d1f70-cd41-42ec-9c0b-26dd9c22bf29
Example EventLog
{
"Module": "Sigma",
"aurora_eventid": 95,
"error": "syntax error in selection element of rule Process Deletion of Its Own Executable: invalid Modifier "fieldref"",
"file": "public\windows\file\file_delete\file_delete_win_delete_own_image.yml",
"id": "f01d1f70-cd41-42ec-9c0b-26dd9c22bf29",
"level": "error",
"msg": "Could not compile rule",
"time": "2024-09-27T20:16:55+02:00",
"title": "Process Deletion of Its Own Executable",
"_Match": [
"-"
],
"_Description": []
}
Description
can someone tell me what that is ?
The text was updated successfully, but these errors were encountered: