Update collection_winrar_encryption.toml

Author: w0rk3r

rules/windows/collection_winrar_encryption.toml

@@ -1,6 +1,6 @@
 [metadata]
 creation_date = "2020/12/04"
-integration = ["endpoint", "windows", "m365_defender", "sentinel_one_cloud_funnel", "crowdstrike"]
+integration = ["endpoint", "windows", "m365_defender", "sentinel_one_cloud_funnel"]
 maturity = "production"
 updated_date = "2024/11/02"
 min_stack_version = "8.14.0"
@@ -19,8 +19,7 @@ index = [
   "logs-windows.sysmon_operational-*",
   "endgame-*",
   "logs-m365_defender.event-*",
-  "logs-sentinel_one_cloud_funnel.*",
-  "logs-crowdstrike.fdr*"
+  "logs-sentinel_one_cloud_funnel.*"
 ]
 language = "eql"
 license = "Elastic License v2"
@@ -82,8 +81,7 @@ tags = [
     "Data Source: Elastic Defend",
     "Data Source: Sysmon",
     "Data Source: Microsoft Defender for Endpoint",
-    "Data Source: SentinelOne",
-    "Data Source: Crowdstrike",
+    "Data Source: SentinelOne"
 ]
 timestamp_override = "event.ingested"
 type = "eql"