Update command_and_control_socks_fortigate_endpoint.toml

Samirbous · Samirbous · commit 9da8ed12a57a · 2025-11-17T17:09:50.000Z
diff --git a/rules/cross-platform/command_and_control_socks_fortigate_endpoint.toml b/rules/cross-platform/command_and_control_socks_fortigate_endpoint.toml
@@ -33,7 +33,7 @@ tags = [
     "Use Case: Threat Detection",
     "Tactic: Command and Control",
     "Data Source: Elastic Defend",
-    "Data Source: Fortinet FortiGate Firewall Logs",
+    "Data Source: Fortinet",
     "Resources: Investigation Guide",
 ]
 type = "eql"

Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ tags = [`
`33`	`33`	`"Use Case: Threat Detection",`
`34`	`34`	`"Tactic: Command and Control",`
`35`	`35`	`"Data Source: Elastic Defend",`
`36`		`- "Data Source: Fortinet FortiGate Firewall Logs",`
	`36`	`+ "Data Source: Fortinet",`
`37`	`37`	`"Resources: Investigation Guide",`
`38`	`38`	`]`
`39`	`39`	`type = "eql"`