Update Azure Firewall - High severity malicious activity detected.yaml

shabaz-github · web-flow · commit f1a4ca88ef0c · 2026-02-06T20:52:11.000+05:30
diff --git a/Solutions/Azure Firewall/Analytic Rules/Azure Firewall - High severity malicious activity detected.yaml b/Solutions/Azure Firewall/Analytic Rules/Azure Firewall - High severity malicious activity detected.yaml
@@ -22,7 +22,7 @@ relevantTechniques:
   - T1003
   - T1204
 query: |
-  let TimeWindow   = 90d;    // How far back to look (aligns with queryPeriod)
+  let TimeWindow   = 90d;    // How far back to look 
   let HitThreshold = 10;     // Minimum hits to alert per SourceIp + Category
   let MinSeverity  = 1;      // Set Minimum Severity
   let EnableCategoryFilter    = true;   // Filter 1: use CategoriesOfInterest
