fix: common field

Yamato-Security · Dec 17, 2023 · 4e93edb · 4e93edb
1 parent 55ff063
commit 4e93edb
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/tools/sigmac/logsource_mapping.py b/tools/sigmac/logsource_mapping.py
@@ -141,7 +141,7 @@ def need_field_conversion(self) -> bool:
         return False
 
     def is_detectable_fields(self, keys) -> bool:
-        common_fields = ["CommandLine", "ProcessId", "OriginalFileName"]
+        common_fields = ["CommandLine", "ProcessId"]
         keys = [re.sub(r"\|.*", "", k) for k in keys]
         keys = [k for k in keys if k not in common_fields]
         if not keys: