Skip to content

Commit

Permalink
Merge pull request #258 from splunk/CRL-1363-search-remote-registry-k…
Browse files Browse the repository at this point in the history 
…ey-modifications-description-is-wrong

Update remote_registry_modifications.yml
  • Loading branch information
@patel-bhavin
patel-bhavin authored Nov 14, 2019
2 parents 5eaa6fe + 28e1d88 commit 7d921db
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion detections/remote_registry_modifications.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@ eli5: This search looks for modifications made to the Windows registry from remo
performed the modification.
entities:
- dest
how_to_implement: To successfully implement this search, you must populate the `Change_Analysis`
how_to_implement: To successfully implement this search, you must populate the `Endpoint`
data model. This is typically populated via endpoint detection-and-response products,
such as Carbon Black, or endpoint data sources, such as Sysmon. The data used for
this search is typically generated via logs that report reads and writes to the
Expand Down

0 comments on commit 7d921db

Please sign in to comment.