Hi there,
I'm trying to understand how the <action> </action> feature works . According to the official rule manual implementation you can use several actions that will be triggered along with your rule:
"actions—allow to block an executable immediately after rule triggering. Action names are:
· TriggerDetection—if no actions specified in the actions tag field, this action is executed by default, and the
detection is triggered in EEI. If other actions are specified, and the user still wants to trigger detection, this action
has to be added
· MarkAsScript—marks an