elastic
diff --git a/‎detection_rules/etc/integration-manifests.json.gz‎
730 Bytes b/‎detection_rules/etc/integration-manifests.json.gz‎
730 Bytes
diff --git a/‎detection_rules/etc/integration-schemas.json.gz‎
202 KB b/‎detection_rules/etc/integration-schemas.json.gz‎
202 KB
diff --git a/‎detection_rules/schemas/definitions.py‎
Lines changed: 2 additions & 1 deletion b/‎detection_rules/schemas/definitions.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎tests/test_all_rules.py‎
Lines changed: 2 additions & 1 deletion b/‎tests/test_all_rules.py‎
Lines changed: 2 additions & 1 deletion
@@ -79,7 +79,8 @@ def validator(value):
                         'sentinel_one_cloud_funnel',
                         'ti_rapid7_threat_command',
                         'm365_defender',
-                        'panw']
+                        'panw',
+                        'crowdstrike']
 NON_PUBLIC_FIELDS = {
     "related_integrations": (Version.parse('8.3.0'), None),
     "required_fields": (Version.parse('8.3.0'), None),
 
@@ -353,7 +353,8 @@ def test_required_tags(self):
             'logs-windows.powershell*': {'all': ['Data Source: PowerShell Logs']},
             'logs-sentinel_one_cloud_funnel.*': {'all': ['Data Source: SentinelOne']},
             'logs-fim.event-*': {'all': ['Data Source: File Integrity Monitoring']},
-            'logs-m365_defender.event-*': {'all': ['Data Source: Microsoft Defender for Endpoint']}
+            'logs-m365_defender.event-*': {'all': ['Data Source: Microsoft Defender for Endpoint'],
+            'logs-crowdstrike.fdr*': {'all': ['Data Source: Crowdstrike']}
         }
 
         for rule in self.all_rules:
Original file line number	Diff line number	Diff line change
`@@ -353,7 +353,8 @@ def test_required_tags(self):`
`353`	`353`	`'logs-windows.powershell*': {'all': ['Data Source: PowerShell Logs']},`
`354`	`354`	`'logs-sentinel_one_cloud_funnel.*': {'all': ['Data Source: SentinelOne']},`
`355`	`355`	`'logs-fim.event-*': {'all': ['Data Source: File Integrity Monitoring']},`
`356`		`- 'logs-m365_defender.event-*': {'all': ['Data Source: Microsoft Defender for Endpoint']}`
	`356`	`+ 'logs-m365_defender.event-*': {'all': ['Data Source: Microsoft Defender for Endpoint'],`
	`357`	`+ 'logs-crowdstrike.fdr*': {'all': ['Data Source: Crowdstrike']}`
`357`	`358`	`}`
`358`	`359`
`359`	`360`	`for rule in self.all_rules:`