Detections/SecurityEvent/powershell_empire.yaml (5 lines of code) (raw):
id: d5496a8e-7651-463c-8430-da0d96e5528e
name: Powershell Empire cmdlets seen in command line
description: |
  'As part of content migration, this file is moved to new location. you can find here: https://github.com/Azure/Azure-Sentinel/blob/master/Solutions/Attacker%20Tools%20Threat%20Protection%20Essentials/Analytic%20Rules/powershell_empire.yaml'
version: 1.0.1