54c75167ce
Default configurations for backends
2019-11-03 23:32:50 +01:00
6a1a96a918
Implement mapping when selecting the fields for the AQL query. This was not being done correctly
2019-10-16 16:37:09 +02:00
2837d3ba74
Added the cleanValue function for Qradar
2019-10-16 10:27:24 +02:00
849a5a520d
Conditional field mapping resolve_fieldname now functional
...
Before this method just had some placeholder function that wasn't really
implementing the intended functionality of the conditional field
mapping. Now aggregations get also conditional field mapping
functionality.
2019-10-09 23:57:41 +02:00
c80cb418cd
Improved QRadar regular expression support
2019-09-05 15:35:26 +02:00
2a60c71b9d
Merge pull request #437 from svent/qradar_regex_modifier
...
QRadar backend: add support for re type modifiers
2019-09-05 10:30:18 +02:00
467c8f694c
QRadar backend: add support for re type modifiers
2019-09-03 22:55:48 +02:00
37caccd52e
Includes the trial condition so generic query is generated whenever the fields are not defined
2019-08-26 11:48:40 +00:00
895682aef2
Implementing the fields to be selected
2019-08-26 10:57:43 +00:00
1ea6d00a39
Fix QRadar field name escaping and handling
2019-08-12 23:47:43 +02:00
eb022f3908
Conditional field mapping for null values
...
Fixes #326
2019-04-25 23:24:05 +02:00
aa37ef2559
extending the qradar backend to allow for timeframe query
2019-01-11 03:33:49 +00:00
29bed766dd
removed re-introduced output class from qradar backend. fixed list handling error.
2018-08-21 22:45:12 -07:00
9a61f40cef
added support flor flow data in qradar backend
2018-08-16 21:44:17 -07:00
a8d1831382
Added aggregation support for qradar backend
2018-08-13 23:04:10 -07:00
b76fa884ec
Changed copyright notices accordingly
2018-07-24 00:01:16 +02:00
cf175d7b7e
Removal from sigma.backends.qradar
2018-07-22 09:14:50 +02:00
097660c678
Splitting backends - Copy qradar.py
2018-07-22 09:12:29 +02:00
Thomas Patzke