blue-team-tools

Files

T

Thomas Patzke d0b2bd9875 Multiple rules per file

* New wrapper class SigmaCollectionParser parses all YAML documents
  contained in file and handles multiple SigmaParser instantiation.
* Exemplary extended one security/4688 rule to security/4688 + sysmon/1

2017-10-31 23:06:18 +01:00

config

Added ELK default index config

2017-10-23 00:45:33 +02:00

backends.py

Added proper handling of null/not null values

2017-10-29 23:57:39 +01:00

README.md

Update README.md

2017-03-06 09:37:44 +01:00

sigma.py

Multiple rules per file

2017-10-31 23:06:18 +01:00

sigmac.py

Multiple rules per file

2017-10-31 23:06:18 +01:00

README.md

Tools in this section are currently in public beta status.

The --output and --config parameters are not usable yet.