blue-team-tools

Files

T

tr0mb1r 27b8b85230 Update elasticsearch.py

Example:

'threshold': {
        'field': [
            'host.name',
        ],
        'value': 10,
        'cardinality': [
            {
                'field': 'process.parent.name',
                'value': 1,
            },
        ],
    }

2022-11-07 12:46:09 +04:00

backends

Update elasticsearch.py

2022-11-07 12:46:09 +04:00

config

Import Iterable from collections.abc

2021-10-22 13:56:47 -05:00

parser

Revert "Wrapped all-modifier result into NodeSubexpression"

2022-09-09 22:26:13 +02:00

__init__.py

Intermediate refactoring commit: moving code into package

2017-12-08 21:45:05 +01:00

configuration.py

Added support for free-text search in logsources configuration, enabling usage of splunk macros and ability to optimize the resulting searches.

2021-06-16 14:52:45 +03:00

filter.py

cleanup code

2021-10-28 20:56:19 +02:00

merge_sigma.py

Moved tool executables to new location

2020-06-07 01:14:04 +02:00

output.py

Added sigma-uuid tool

2019-11-11 23:35:16 +01:00

sigma2attack.py

Update sigma2attack.py

2021-11-20 19:59:57 +01:00

sigma2genericsigma.py

Moved tool executables to new location

2020-06-07 01:14:04 +02:00

sigma2misp.py

fixed various spelling errors all over rules and source code

2021-02-24 14:43:13 +00:00

sigma_configurations_check.py

Add options and return error code

2021-09-18 18:13:16 +02:00

sigma_similarity.py

fix when backend support error

2021-08-20 13:58:57 +02:00

sigma_uuid.py

fix sigma_uuid assign id

2021-09-05 17:50:54 +02:00

sigma-similarity.py

fixed various spelling errors all over rules and source code

2021-02-24 14:43:13 +00:00

sigma-uuid.py

Spelling

2021-08-18 19:00:57 +00:00

sigmac.py

New message as requested.\n Only displayed on full help and when no arguments is passed

2022-09-09 12:24:30 +02:00

tools.py

Deduplicated backend list

2020-06-06 01:03:02 +02:00