Update PaloAltoPrismaCloudMultipleFailedLoginsUser.yaml

Fix threshold typo
2021-06-29 13:43:24 -07:00 · 2021-06-29 13:43:24 -07:00 · abc32f3b7a
--- a/Rules/PaloAltoPrismaCloudMultipleFailedLoginsUser.yaml
+++ b/Rules/PaloAltoPrismaCloudMultipleFailedLoginsUser.yaml
@ -16,13 +16,13 @@ tactics:
 relevantTechniques:
  - T1110
 query: |
-  let threashold = 10;
+  let threshold = 10;
  PaloAltoPrismaCloud
  | where ResourceType =~ 'Login'
  | where EventResult =~ 'Failed'
  | where EventMessage !has 'access key'
  | summarize count() by UserName, bin(TimeGenerated, 5m)
-  | where count_ > threashold
+  | where count_ > threshold
  | extend AccountCustomEntity = UserName
 entityMappings:
  - entityType: Account