Branch was auto-updated.

dist/escu/app.manifest

@@ -5,7 +5,7 @@
     "id": {
       "group": null, 
       "name": "DA-ESS-ContentUpdate", 
-      "version": "4.5.1"
+      "version": "4.6.0"
     }, 
     "author": [
       {

dist/escu/default/app.conf

@@ -4,7 +4,7 @@
 is_configured = false
 state = enabled
 state_change_requires_restart = false
-build = 15163
+build = 15542
 
 [triggers]
 reload.analytic_stories = simple
@@ -20,7 +20,7 @@ reload.es_investigations = simple
 
 [launcher]
 author = Splunk
-version = 4.5.1
+version = 4.6.0
 description = Explore the Analytic Stories included with ES Content Updates.
 
 [ui]

dist/escu/default/collections.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2023-06-22T18:50:57 UTC
+# On Date: 2023-06-27T23:22:58 UTC
 # Author: Splunk Security Research
 # Contact: research@splunk.com
 #############

dist/escu/default/content-version.conf

@@ -1,2 +1,2 @@
 [content-version]
-version = 4.5.1
+version = 4.6.0

dist/escu/default/es_investigations.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2023-06-22T18:50:57 UTC
+# On Date: 2023-06-27T23:22:58 UTC
 # Author: Splunk Security Research
 # Contact: research@splunk.com
 #############

dist/escu/default/macros.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2023-06-22T18:50:57 UTC
+# On Date: 2023-06-27T23:22:58 UTC
 # Author: Splunk Security Research
 # Contact: research@splunk.com
 #############
@@ -1109,10 +1109,6 @@ description = Update this macro to limit the output results to filter out false
 definition = search *
 description = Update this macro to limit the output results to filter out false positives.
 
-[kubernetes_aws_detect_rbac_authorization_by_account_filter]
-definition = search *
-description = Update this macro to limit the output results to filter out false positives.
-
 [kubernetes_aws_detect_sensitive_role_access_filter]
 definition = search *
 description = Update this macro to limit the output results to filter out false positives.
@@ -4089,6 +4085,10 @@ description = Update this macro to limit the output results to filter out false
 definition = search *
 description = Update this macro to limit the output results to filter out false positives.
 
+[windows_files_and_dirs_access_rights_modification_via_icacls_filter]
+definition = search *
+description = Update this macro to limit the output results to filter out false positives.
+
 [windows_findstr_gpp_discovery_filter]
 definition = search *
 description = Update this macro to limit the output results to filter out false positives.
@@ -4521,6 +4521,10 @@ description = Update this macro to limit the output results to filter out false
 definition = search *
 description = Update this macro to limit the output results to filter out false positives.
 
+[windows_powershell_scheduletask_filter]
+definition = search *
+description = Update this macro to limit the output results to filter out false positives.
+
 [windows_powershell_wmi_win32_scheduledjob_filter]
 definition = search *
 description = Update this macro to limit the output results to filter out false positives.

dist/escu/default/transforms.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2023-06-22T18:50:57 UTC
+# On Date: 2023-06-27T23:22:58 UTC
 # Author: Splunk Security Research
 # Contact: research@splunk.com
 #############

dist/escu/default/workflow_actions.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2023-06-22T18:50:57 UTC
+# On Date: 2023-06-27T23:22:58 UTC
 # Author: Splunk Security Research
 # Contact: research@splunk.com
 #############