security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
8d866b086858d1a2cc178969af094e755ea1d83c
blue-team-tools/tools
T
History
Maxime Lamothe-Brassard 8d866b0868 Adding comments.
2019-10-26 17:37:13 -05:00
..
config
Remove unimplemented config entries and fix bug with valueNode.
2019-10-26 15:54:08 -05:00
sigma
Adding comments.
2019-10-26 17:37:13 -05:00
tests
Sigmatools release 0.12
2019-08-01 23:45:07 +02:00
merge_sigma
Fixes for parser split
2018-07-27 00:02:07 +02:00
README.md
Sigma tools release 0.11
2019-05-30 22:56:38 +02:00
requirements-devel.txt
Added requirements
2018-10-22 22:43:59 +02:00
requirements-misp.txt
Added requirements
2018-10-22 22:43:59 +02:00
requirements.txt
Intermediate refactoring commit: moving code into package
2017-12-08 21:45:05 +01:00
setup.cfg
Intermediate refactoring commit: moving code into package
2017-12-08 21:45:05 +01:00
setup.py
Sigmatools release 0.13
2019-10-21 11:58:26 +02:00
sigma2genericsigma
Increased indentation to 4
2019-03-02 00:14:20 +01:00
sigma2misp
Dropped .py suffix
2018-10-22 23:02:05 +02:00
sigma-similarity
Added sigma-similarity tool
2019-10-25 21:59:03 +02:00
sigmac
Improved --backend-config help text
2019-10-07 22:30:57 +02:00

README.md

This package contains libraries for processing of Sigma rules and the following command line tools:

  • sigmac: converter between Sigma rules and SIEM queries:
    • Elasticsearch query strings
    • Kibana JSON with searches
    • Splunk SPL queries
    • Elasticsearch X-Pack Watcher
    • Logpoint queries
  • merge_sigma: Merge Sigma collections into simple Sigma rules.
  • sigma2misp: Import Sigma rules to MISP events.
Reference in New Issue View Git Blame Copy Permalink