Update PaloAltoPrismaCloudMultipleFailedLoginsUser.yaml

Fix threshold typo
2021-06-29 13:43:24 -07:00 · 2021-06-29 13:43:24 -07:00 · abc32f3b7a
--- a/Rules/PaloAltoPrismaCloudMultipleFailedLoginsUser.yaml
+++ b/Rules/PaloAltoPrismaCloudMultipleFailedLoginsUser.yaml
@ -16,17 +16,17 @@ tactics:
 relevantTechniques:
  - T1110
 query: |
-  let threashold = 10;
+  let threshold = 10;
  PaloAltoPrismaCloud
  | where ResourceType =~ 'Login'
  | where EventResult =~ 'Failed'
  | where EventMessage !has 'access key'
  | summarize count() by UserName, bin(TimeGenerated, 5m)
-  | where count_ > threashold
+  | where count_ > threshold
  | extend AccountCustomEntity = UserName
 entityMappings:
  - entityType: Account
    fieldMappings:
      - identifier: Name
        columnName: AccountCustomEntity
-version: 1.0.0
+version: 1.0.0