security-tools/blue-team-tools
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
d8a7bcad39e0de2936e187fc2d6a8c84e255138c
blue-team-tools/tools
T
History
Thomas Patzke d8a7bcad39 Reordered rule generation 
Generation of query parts before and after main query gives access to
information possibly gathered while main query generation.
2018-06-21 23:50:13 +02:00
..
config
Added field name mappings to HELK configuration
2018-03-27 14:41:02 +02:00
sigma
Reordered rule generation
2018-06-21 23:50:13 +02:00
merge_sigma
Finalizing PyPI release
2017-12-08 23:50:08 +01:00
README.md
Added PyPI README
2017-12-09 22:13:25 +01:00
requirements-devel.txt
Python rewrite of es-qs query test
2018-04-11 23:59:44 +02:00
requirements.txt
Intermediate refactoring commit: moving code into package
2017-12-08 21:45:05 +01:00
setup.cfg
Intermediate refactoring commit: moving code into package
2017-12-08 21:45:05 +01:00
setup.py
Sigma tools release 0.4
2018-05-01 00:50:07 +02:00
sigmac
sigmac: improved backend options
2018-03-21 00:53:44 +01:00

README.md

This package contains libraries for processing of Sigma rules and the following command line tools:

  • sigmac: converter between Sigma rules and SIEM queries:
    • Elasticsearch query strings
    • Kibana JSON with searches
    • Splunk SPL queries
    • Elasticsearch X-Pack Watcher
    • Logpoint queries
  • merge_sigma: Merge Sigma collections into simple Sigma rules.
Reference in New Issue View Git Blame Copy Permalink