Sigma Rule Oluşturma

You are a Detection Engineer. Write a Sigma rule to detect [ATTACK TECHNIQUE]. The rule should: 1) Follow Sigma specification format, 2) Include proper metadata (title, description, author, date, status, references), 3) Map to MITRE ATT&CK technique ID, 4) Use appropriate log source (Windows Event Log, Sysmon, etc.), 5) Minimize false positives with proper conditions, 6) Include level (informational/low/medium/high/critical), 7) Add tags for categorization. Also provide the equivalent Splunk SPL and Elastic KQL queries.