Update command_and_control_suricata_elastic_defend_c2.toml

Samirbous · Samirbous · commit f33a87902aa1 · 2025-12-10T14:14:43.000Z
diff --git a/rules/cross-platform/command_and_control_suricata_elastic_defend_c2.toml b/rules/cross-platform/command_and_control_suricata_elastic_defend_c2.toml
@@ -1,6 +1,6 @@
 [metadata]
 creation_date = "2025/12/10"
-integration = ["endpoint", "suricata"]
+integration = ["endpoint"]
 maturity = "production"
 updated_date = "2025/12/10"
 
@@ -32,6 +32,7 @@ tags = [
     "Use Case: Threat Detection",
     "Tactic: Command and Control",
     "Data Source: Elastic Defend",
+    "Data Source: Suricata",
     "Resources: Investigation Guide",
 ]
 type = "eql"
