diff --git a/rules/0610-win-ms_logs_rules.xml b/rules/0610-win-ms_logs_rules.xml
index 254ad6bf7..57cd87c7a 100644
--- a/rules/0610-win-ms_logs_rules.xml
+++ b/rules/0610-win-ms_logs_rules.xml
@@ -90,6 +90,7 @@
       <id>T1529</id>
     </mitre>
     <options>no_full_log</options>
+    <group>windows_log_service_stopped,</group>
   </rule>
 
 </group>