Windows.Sigma.Triage artifact #

This artifact contains rules designed to triage a Windows host using VQL queries.

You can download the artifact pack here Windows-Sigma-Triage.zip and customize using instructions at Customizing Artifacts