+++ name = "Some event" description = "Some description" [[WindowsEvent.sample]] xml = """ 4688 2 0 13312 0 0x8020000000000000 2814 Security WIN-GG82ULGC9GO.contoso.local S-1-5-18 WIN-GG82ULGC9GO$ CONTOSO 0x3e7 0x2bc C:\\Windows\\System32\\rundll32.exe %%1938 0xe74 S-1-5-21-1377283216-344919071-3415362939-1104 dadmin CONTOSO 0x4a5af0 C:\\Windows\\explorer.exe S-1-16-8192 """ +++ Something about the event