Fix Rod's LLM dataset (#1096)

* updating with correct values

* updating txt to log

Author: patel-bhavin

datasets/suspicious_behaviour/local_llms/4688_local_llms.log

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:a41b3400dd8a3c3fff147397dd5e22320e006292114e67a5b301d4acbc6fed34
+size 7033925

datasets/suspicious_behaviour/local_llms/4688_local_llms.txt

@@ -7,11 +7,14 @@ directory: local_llms
 mitre_technique: []
 datasets:
 - name: sysmon_local_llms
-  path: /datasets/local_llms/sysmon_local_llms.txt
-  source: https://raw.githubusercontent.com/splunk/attack_data/master/datasets/suspicious_behaviour/local_llms/sysmon_local_llms.txt
-  sourcetype: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
+  path: /datasets/suspicious_behaviour/local_llms/sysmon_local_llms.log
+  source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
+  sourcetype: XmlWinEventLog
 - name: 4688_local_llms
-  path: /datasets/local_llms/4688_local_llms.txt
-  source: https://raw.githubusercontent.com/splunk/attack_data/master/datasets/suspicious_behaviour/local_llms/4688_local_llms.txt
-  sourcetype: XmlWinEventLog:Security
-
+  path: /datasets/suspicious_behaviour/local_llms/4688_local_llms.log
+  source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
+  sourcetype: XmlWinEventLog
+- name: sysmon_dns
+  path: /datasets/suspicious_behaviour/local_llms/sysmon_dns.log
+  source: XmlWinEventLog:Security
+  sourcetype: XmlWinEventLog

datasets/suspicious_behaviour/local_llms/suspicious_local_llm_frameworks.yml

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:fad7741b9a15fe3b0e32740381bf724427997262f4b052e546598964fff35f2c
+size 5434

datasets/suspicious_behaviour/local_llms/sysmon_dns.log

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4916f9587730db30bb5228a4b3e7c29ffde1d625f8f9ac830d8783e20b7ebcc8
+size 32724052