gnh1201/welsonjs
1
0
Fork 0
mirror of https://github.com/gnh1201/welsonjs.git synced 2025-11-28 02:20:49 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update FileEventMonitor.cs

Browse Source
This commit is contained in:
Namhyeon Go 2024-09-09 17:10:31 +09:00
parent 672a3637de
commit bc74515095
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
WelsonJS.Toolkit/WelsonJS.Service/FileEventMonitor.cs
View File

@ -75,7 +75,7 @@ namespace WelsonJS.Service
{ {
string query = @"<QueryList> string query = @"<QueryList>
<Query Id='0' Path='Microsoft-Windows-Sysmon/Operational'> <Query Id='0' Path='Microsoft-Windows-Sysmon/Operational'>
<Select Path='Microsoft-Windows-Sysmon/Operational'>*[System/EventID=11 or System/EventID=3]</Select> <Select Path='Microsoft-Windows-Sysmon/Operational'>*[System/EventID=11 or System/EventID=3 or System/EventID=12 or System/EventID=13 or System/EventID=14]</Select>
</Query> </Query>
</QueryList>"; </QueryList>";