from 李林原

7 months ago · 71f46cb052
parent 1f9b203953
commit 71f46cb052
1 changed files with 100 additions and 99 deletions
--- a/src/O365_detection_rules.json
+++ b/src/O365_detection_rules.json
@ -1,4 +1,6 @@
-[
+{
    "description": "此 JSON 文件包含与 O365 安全检测相关的规则，每条规则包括名称、严重性等级和查询语句。",
    "rules": [
        {
            "name": "Suspicious User Agent",
            "severity": "High",
@ -94,6 +96,5 @@
            "severity": "High",
            "query": "SELECT * FROM events WHERE ( Operation LIKE '%Disable Strong Authentication.%' ) "
        }
-
+    ]
-
+}
 ]