security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

2058 add setup field to metadata (#2061)

Browse Source 
* Convert config header to setup in note field
* Parse note field into separate setup and note field with marko gfm
* only validate and parse note on elastic authored rules and add CLI description for new DR_BYPASS_NOTE_VALIDATION_AND_PARSE environment variable

Co-authored-by: brokensound77 <brokensound77@users.noreply.github.com>
This commit is contained in:
Mika Ayenson
2022-07-18 15:41:32 -04:00
committed by GitHub
parent 9995558b2a
commit a52751494e
433 changed files with 965 additions and 825 deletions
Download Patch File Download Diff File Expand all files Collapse all files
rules/linux/execution_shell_evasion_linux_binary.toml
+1 -1
View File
@@ -62,7 +62,7 @@ Initiate the incident response process based on the outcome of the triage.
- Using the incident response data, update logging and audit policies to improve the mean time to detect (MTTD) and the
mean time to respond (MTTR).
## Config
## Setup
The session view analysis for the command alerted is avalible in versions 8.2 and above.
"""