blue-team-tools

Files

T

Joshua Roys 2034d36677 Add support for Elastic EQL

The EQL backend supports translation of the "near" aggregation into
EQL sequences. Additionally, the es-rule backend now has a sibling
es-rule-eql backend that outputs EQL queries instead of qs.

2021-06-08 13:38:38 -04:00

backends

Add support for Elastic EQL

2021-06-08 13:38:38 -04:00

config

fixed various spelling errors all over rules and source code

2021-02-24 14:43:13 +00:00

parser

Fix error when use -< namefile.yml in commandline as I never use it

2021-05-28 12:47:37 +02:00

__init__.py

Intermediate refactoring commit: moving code into package

2017-12-08 21:45:05 +01:00

configuration.py

functionality for parameter logsourcemerging

2020-12-15 09:23:49 +01:00

filter.py

Add the 'logsource!=' filter

2021-05-22 09:04:30 +02:00

merge_sigma.py

Moved tool executables to new location

2020-06-07 01:14:04 +02:00

output.py

Added sigma-uuid tool

2019-11-11 23:35:16 +01:00

sigma2attack.py

Updating attack navigator version to v4.0

2020-11-05 23:37:01 +01:00

sigma2genericsigma.py

Moved tool executables to new location

2020-06-07 01:14:04 +02:00

sigma2misp.py

fixed various spelling errors all over rules and source code

2021-02-24 14:43:13 +00:00

sigma_similarity.py

fixed various spelling errors all over rules and source code

2021-02-24 14:43:13 +00:00

sigma_uuid.py

Moved tools into sigma namespace

2020-03-31 23:46:58 +02:00

sigma-similarity.py

fixed various spelling errors all over rules and source code

2021-02-24 14:43:13 +00:00

sigma-uuid.py

Moved tool executables to new location

2020-06-07 01:14:04 +02:00

sigmac.py

Add some fun backend option for es-rule

2021-05-28 10:51:08 +02:00

tools.py

Deduplicated backend list

2020-06-06 01:03:02 +02:00