security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
10,511 Commits 1 Branch 57 Tags
e91fc4486e57fc40e30d12253694de4c80a9e4ea
Commit Graph

13 Commits

Author SHA1 Message Date
Markku Parviainen 900263315a Added support for free-text search in logsources configuration, enabling usage of splunk macros and ability to optimize the resulting searches. 2021-06-16 14:52:45 +03:00
Thomas Patzke f4734cd5e5 Merge pull request #1309 from WuerthIT:logsourcemerging 
functionality for parameter logsourcemerging
 2021-03-13 22:25:29 +01:00
jaegeral e1f43f17c2 fixed various spelling errors all over rules and source code 2021-02-24 14:43:13 +00:00
k-vdv 6744770768 functionality for parameter logsourcemerging 2020-12-15 09:23:49 +01:00
Thomas Patzke 337681cfce Value modifiers 
* First transformation modfiers: contains, all
* Sigma converter modifier list
 2019-06-30 23:41:28 +02:00
Thomas Patzke eb022f3908 Conditional field mapping for null values 
Fixes #326
 2019-04-25 23:24:05 +02:00
Thomas Patzke a9cf14438c Merge branch 'master' into project-1 2019-01-14 22:36:15 +01:00
Thomas Patzke 26d888aec3 Removed "not null" handling code 
Feature was removed some time ago.
 2018-11-21 22:56:48 +01:00
Thomas Patzke e28bc35cad Apply field mappings in generation of log source condition 2018-10-06 23:38:35 +02:00
Thomas Patzke d81946df39 Stacked configurations 
- Added log source rewriting
- Removed log source merging condition type setting
- Simplified SigmaLogsourceConfiguration constructor
- Condition is generated in SigmaParser instead of SigmaLogsourceConfiguration

Missing:
- Merging of raw config dict for backends that rely on this (es-dsl)
 2018-09-12 23:40:22 +02:00
Thomas Patzke 1c4c67053c Fixes for parser split 
* Fixed imports
* Rename
 2018-07-27 00:02:07 +02:00
Thomas Patzke c8043368bd Split parser - code removal from rule 2018-07-26 22:43:49 +02:00
Thomas Patzke a2329de03c Split parser - Copy rule 2018-07-26 22:07:38 +02:00