phantinuss
73 lines
3.8 KiB
YAML
73 lines
3.8 KiB
YAML
validators:
|
|
- all
|
|
- -tlptag
|
|
- -tlpv1_tag
|
|
- -sigmahq_fieldname_cast
|
|
- -sigmahq_filename_prefix
|
|
- -sigmahq_logsource_unknown
|
|
- -sigmahq_ofselection_condition
|
|
- -sigmahq_sysmon_missing_eventid
|
|
exclusions:
|
|
# escaped_wildcard
|
|
021310d9-30a6-480a-84b7-eaa69aeb92bb: escaped_wildcard
|
|
1114e048-b69c-4f41-bc20-657245ae6e3f: escaped_wildcard
|
|
204b17ae-4007-471b-917b-b917b315c5db: escaped_wildcard
|
|
214e8f95-100a-4e04-bb31-ef6cba8ce07e: escaped_wildcard
|
|
220457c1-1c9f-4c2e-afe6-9598926222c1: escaped_wildcard
|
|
252902e3-5830-4cf6-bf21-c22083dfd5cf: escaped_wildcard
|
|
2d3cdeec-c0db-45b4-aa86-082f7eb75701: escaped_wildcard
|
|
2e7bbd54-2f26-476e-b4a1-ba5f1a012614: escaped_wildcard
|
|
304810ed-8853-437f-9e36-c4975c3dfd7e: escaped_wildcard
|
|
31d68132-4038-47c7-8f8e-635a39a7c174: escaped_wildcard
|
|
32d56ea1-417f-44ff-822b-882873f5f43b: escaped_wildcard
|
|
4281cb20-2994-4580-aa63-c8b86d019934: escaped_wildcard
|
|
434c08ba-8406-4d15-8b24-782cb071a691: escaped_wildcard
|
|
435e10e4-992a-4281-96f3-38b11106adde: escaped_wildcard
|
|
52d8b0c6-53d6-439a-9e41-52ad442ad9ad: escaped_wildcard
|
|
586a8d6b-6bfe-4ad9-9d78-888cd2fe50c3: escaped_wildcard
|
|
59e938ff-0d6d-4dc3-b13f-36cc28734d4e: escaped_wildcard
|
|
7857f021-007f-4928-8b2c-7aedbe64bb82: escaped_wildcard
|
|
7aaa5739-12fc-41aa-b98b-23ec27d42bdf: escaped_wildcard
|
|
7c9340a9-e2ee-4e43-94c5-c54ebbea1006: escaped_wildcard
|
|
7dc2dedd-7603-461a-bc13-15803d132355: escaped_wildcard
|
|
8fe1c584-ee61-444b-be21-e9054b229694: escaped_wildcard
|
|
904e8e61-8edf-4350-b59c-b905fc8e810c: escaped_wildcard
|
|
95724fc1-a258-4674-97db-a30351981c5a: escaped_wildcard
|
|
9637e8a5-7131-4f7f-bdc7-2b05d8670c43: escaped_wildcard
|
|
a36ce77e-30db-4ea0-8795-644d7af5dfb4: escaped_wildcard
|
|
a4824fca-976f-4964-b334-0621379e84c4: escaped_wildcard
|
|
a8f29a7b-b137-4446-80a0-b804272f3da2: escaped_wildcard
|
|
afe52666-401e-4a02-b4ff-5d128990b8cb: escaped_wildcard
|
|
c2993223-6da8-4b1a-88ee-668b8bf315e9: escaped_wildcard
|
|
c37510b8-2107-4b78-aa32-72f251e7a844: escaped_wildcard
|
|
c462f537-a1e3-41a6-b5fc-b2c2cef9bf82: escaped_wildcard
|
|
c73124a7-3e89-44a3-bdc1-25fe4df754b1: escaped_wildcard
|
|
d84c0ded-edd7-4123-80ed-348bb3ccc4d5: escaped_wildcard
|
|
db885529-903f-4c5d-9864-28fe199e6370: escaped_wildcard
|
|
dd218fb6-4d02-42dc-85f0-a0a376072efd: escaped_wildcard
|
|
dde85b37-40cd-4a94-b00c-0b8794f956b5: escaped_wildcard
|
|
e06ac91d-b9e6-443d-8e5b-af749e7aa6b6: escaped_wildcard
|
|
f3f21ce1-cdef-4bfc-8328-ed2e826f5fac: escaped_wildcard
|
|
f57f8d16-1f39-4dcb-a604-6c73d9b54b3d: escaped_wildcard
|
|
f6de6525-4509-495a-8a82-1f8b0ed73a00: escaped_wildcard
|
|
fb502828-2db0-438e-93e6-801c7548686d: escaped_wildcard
|
|
# number_as_string
|
|
5c84856b-55a5-45f1-826f-13f37250cf4e: number_as_string
|
|
749c9f5e-b353-4b90-a9c1-05243357ca4b: number_as_string
|
|
85b88e05-dadc-430b-8a9e-53ff1cd30aae: number_as_string
|
|
# specific_instead_of_generic_logsource
|
|
23b71bc5-953e-4971-be4c-c896cda73fc2: specific_instead_of_generic_logsource
|
|
693a44e9-7f26-4cb6-b787-214867672d3a: specific_instead_of_generic_logsource
|
|
8ac03a65-6c84-4116-acad-dc1558ff7a77: specific_instead_of_generic_logsource
|
|
c3e5c1b1-45e9-4632-b242-27939c170239: specific_instead_of_generic_logsource
|
|
# SigmahqCategoryWindowsProviderNameIssue
|
|
3f3f3506-1895-401b-9cc3-e86b16e630d0: sigmahq_category_windows_provider_name
|
|
7dc2dedd-7603-461a-bc13-15803d132355: sigmahq_category_windows_provider_name
|
|
# SigmahqInvalidHashKvIssue
|
|
b69888d4-380c-45ce-9cf9-d9ce46e67821: sigmahq_invalid_hash_kv
|
|
# SigmahqRedundantFieldIssue
|
|
0f06a3a5-6a09-413f-8743-e6cf35561297: sigmahq_redundant_field
|
|
f7f9ab88-7557-4a69-b30e-0a8f91b3a0e7: sigmahq_redundant_field
|
|
# InvalidATTACKTagIssue remove after pySigma 1.0.0 release
|
|
afd12fed-b0ec-45c9-a13d-aa86625dac81: attacktag
|