Merge pull request #2392 from redsand/hawk_fix_regex_type

fixes error when implementing regex type, data should not be escaped

tools/config/hawk.yml

@@ -150,7 +150,7 @@ logsources:
      vendor_id: "11"
  windows-file-event:
    product: windows
-   category: file_create
+   category: file_event
    conditions:
      product_name: "Sysmon"
      vendor_id: "11"

tools/sigma/backends/hawk.py

@@ -328,7 +328,8 @@ class HAWKBackend(SingleTextQueryBackend):
         if type(value) == SigmaRegularExpressionModifier:
             value = str(value)
             value = value.replace("*", "EEEESTAREEE")
-            value = re.escape(self.generateValueNode(value, True))
+            # IS REGEX, NEVER NEED TO ESCAPE!
+            value = self.generateValueNode(value, True)
             value = value.replace("EEEESTAREEE", ".*")
             endsWith = False
             startsWith = False