{
  "Priority": 171,
  "RuleEntry": {
    "RuleName": "Remote Connector 59",
    "Description": "Under endpoint applied for investigation suspicious incident investigation.",
    "Enabled": true,
    "Source": {
      "Cidrs": [
        "10.248.0.0/16",
        "10.188.0.0/16",
        "10.16.0.0/16"
      ],
      "Countries": [
        "example-Countries_item"
      ],
      "Feeds": [
        "example-Feeds_item"
      ],
      "PrefixLists": [
        "example-PrefixLists_item",
        "example-PrefixLists_item"
      ]
    },
    "NegateSource": false,
    "Destination": {
      "Cidrs": [
        "10.52.0.0/16"
      ],
      "Countries": [
        "example-Countries_item"
      ],
      "Feeds": [
        "example-Feeds_item"
      ],
      "FqdnLists": [
        "example-FqdnLists_item"
      ],
      "PrefixLists": [
        "example-PrefixLists_item",
        "example-PrefixLists_item"
      ]
    },
    "NegateDestination": false,
    "Applications": [
      "dns",
      "ssl",
      "office365"
    ],
    "Category": {
      "URLCategoryNames": [
        "Remote Cluster 41",
        "Branch Sensor 01",
        "Production Policy 08"
      ],
      "Feeds": [
        "example-Feeds_item",
        "example-Feeds_item"
      ]
    },
    "Protocol": "ANY",
    "Action": "Allow",
    "DecryptionRuleType": "None",
    "AuditComment": "Rule network under endpoint investigation threat threat allowed alert blocked threat network incident incident."
  }
}