Skip to content

Commit eca0401

Browse files
jrodewigjrodewig
authored
[DOCS] EQL: Remove outdated wildcard ref (#65684) (#65691)
1 parent 745f527 commit eca0401

File tree

1 file changed

+0
-4
lines changed

1 file changed

+0
-4
lines changed

docs/reference/eql/functions.asciidoc

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1015,10 +1015,6 @@ expressions. Matching is case-sensitive.
10151015
*Example*
10161016
[source,eql]
10171017
----
1018-
// The two following expressions are equivalent.
1019-
process.name == "*regsvr32*" or process.name == "*explorer*"
1020-
wildcard(process.name, "*regsvr32*", "*explorer*")
1021-
10221018
// process.name = "regsvr32.exe"
10231019
wildcard(process.name, "*regsvr32*") // returns true
10241020
wildcard(process.name, "*regsvr32*", "*explorer*") // returns true

0 commit comments

Comments
 (0)