security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4600bf73dc39a3e204cc2b15ea6ed5fbf79c1fd4
blue-team-tools/tools
T
History
Thomas Patzke 1c5c8047fd Fixes 
* Removed commented debug print statements
* Defined nullExpression
* Removed unneeded generateMapItemNode method
* Value cleaning bug on matching of wildcard at first character
2020-04-08 23:43:46 +02:00
..
config
Merge pull request #669 from 0xThiebaut/winlogbeat-rulename
2020-03-28 13:20:08 +01:00
sigma
Fixes
2020-04-08 23:43:46 +02:00
tests
add .keyword on aggs; add extra unit test
2019-11-14 14:34:50 +01:00
merge_sigma
Fixes for parser split
2018-07-27 00:02:07 +02:00
README.md
Sigma tools release 0.11
2019-05-30 22:56:38 +02:00
requirements-devel.txt
Dependency cleanup
2020-03-29 22:55:09 +02:00
requirements.txt
fix: security vulnerability with pyyaml < 4.2b1
2020-04-02 12:27:53 +02:00
setup.cfg
Intermediate refactoring commit: moving code into package
2017-12-08 21:45:05 +01:00
setup.py
Release 0.16.0
2020-02-25 22:19:52 +01:00
sigma2attack
Add sigma2attack
2019-12-19 00:00:13 +01:00
sigma2genericsigma
Added sigma-uuid tool
2019-11-11 23:35:16 +01:00
sigma2misp
Update sigma2misp
2020-02-20 18:55:10 +09:00
sigma-similarity
sigma-similarity: primary rule set for restriction of comparison
2019-11-08 21:15:13 +01:00
sigma-uuid
Added hint on failed UUID check
2019-11-12 23:37:28 +01:00
sigmac
Reverted list sorting
2020-04-08 23:23:44 +02:00

README.md

This package contains libraries for processing of Sigma rules and the following command line tools:

  • sigmac: converter between Sigma rules and SIEM queries:
    • Elasticsearch query strings
    • Kibana JSON with searches
    • Splunk SPL queries
    • Elasticsearch X-Pack Watcher
    • Logpoint queries
  • merge_sigma: Merge Sigma collections into simple Sigma rules.
  • sigma2misp: Import Sigma rules to MISP events.
Reference in New Issue View Git Blame Copy Permalink