From e48ce8a5ad65f0b52fb0ac76dd0e5c111b62df05 Mon Sep 17 00:00:00 2001
From: lord-garmadon <82653198+lord-garmadon@users.noreply.github.com>
Date: Mon, 19 Apr 2021 15:47:17 +0200
Subject: [PATCH] Add exclusion for WUDFHost.exe to Event 11
---
sysmonconfig-export.xml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/sysmonconfig-export.xml b/sysmonconfig-export.xml
index f4acf26c..0030e58a 100644
--- a/sysmonconfig-export.xml
+++ b/sysmonconfig-export.xml
@@ -529,6 +529,7 @@
C:\Windows\system32\CompatTelRunner.exe
\\?\C:\Windows\system32\wbem\WMIADAP.EXE
C:\Windows\system32\mobsync.exe
+ C:\Windows\System32\WUDFHost.exe
C:\Windows\system32\DriverStore\Temp\
C:\Windows\system32\wbem\Performance\
C:\Windows\Installer\
@@ -1156,4 +1157,4 @@
-
\ No newline at end of file
+