From b306ed6e94d785c6a3b8d693bc2ad1b971c08227 Mon Sep 17 00:00:00 2001
From: Panos Moullotos <25383165+moullos@users.noreply.github.com>
Date: Sat, 14 Sep 2024 12:39:06 +0300
Subject: [PATCH] Update crowdstrike.py
---
 sigma/pipelines/crowdstrike/crowdstrike.py | 13 -------------
 1 file changed, 13 deletions(-)
diff --git a/sigma/pipelines/crowdstrike/crowdstrike.py b/sigma/pipelines/crowdstrike/crowdstrike.py
index 4f4eeb4..30bbb3b 100644
--- a/sigma/pipelines/crowdstrike/crowdstrike.py
+++ b/sigma/pipelines/crowdstrike/crowdstrike.py
@@ -448,19 +448,6 @@ def common_processing_items():
 ],
 field_name_condition_linking=any,
 ),
- # ImageFileName full path handling with contains
- # ProcessingItem(
- # identifier="cql_imagefilename_replace_disk_name_contains",
- # transformation=ReplaceStringTransformation(
- # regex="^\\*[C-Z]:", replacement="*\\\\Device\\\\HarddiskVolume?\\\\"
- # ),
- # field_name_conditions=[
- # IncludeFieldCondition(fields=["ImageFileName"]),
- # IncludeFieldCondition(fields=["TargetImageFileName"]),
- # ],
- # field_name_condition_linking=any,
- # ),
- # ImageFileName starting with colon handling
 ProcessingItem(
 identifier="cql_imagefilename_replace_disk_name",
 transformation=ReplaceStringTransformation(regex=":", replacement=""),