[FR] Add Env Var DR_CLI_MAX_WIDTH and DaC Docs Updates (#4518)
* Add Env Var DR_CLI_MAX_WIDTH
* Version Bump
* Update limit from 120 to 240
* Clean references to reference main
* Update Readme with DaC Info
* Add DaC to Table of Contents
* Bump Patch Version
* Updated naming and add dac md
* Organize Imports
* Deprecate upload-rule
* Update docs/detections-as-code.md
  Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>
* move docs to docs-dev
* Sort custom rules imports
* Remove duplicate
* Fix typo
* Bump Patch Version

---------

Co-authored-by: Mika Ayenson, PhD <Mikaayenson@users.noreply.github.com>
@@ -16,6 +16,7 @@ This repository was first announced on Elastic's blog post, [Elastic Security op
|
||||
- [Overview of this repository](#overview-of-this-repository)
|
||||
- [Getting started](#getting-started)
|
||||
- [How to contribute](#how-to-contribute)
|
||||
- [Detections as Code (DaC)](#detections-as-code-dac)
|
||||
- [RTAs](#rtas)
|
||||
- [Licensing](#licensing)
|
||||
- [Questions? Problems? Suggestions?](#questions-problems-suggestions)
|
||||
@@ -133,11 +134,16 @@ For more advanced command line interface (CLI) usage, refer to the [CLI guide](C
|
||||
|
||||
We welcome your contributions to Detection Rules! Before contributing, please familiarize yourself with this repository, its [directory structure](#overview-of-this-repository), and our [philosophy](PHILOSOPHY.md) about rule creation. When you're ready to contribute, read the [contribution guide](CONTRIBUTING.md) to learn how we turn detection ideas into production rules and validate with testing.
|
||||
|
||||
## Detections as Code (DaC)
|
||||
|
||||
The Detection Rules repo includes a number of commands to help one manage rules with an "as code" philosophy. We recommend starting with our [DaC Specific Documentation](https://dac-reference.readthedocs.io/en/latest/) for strategies and recommended setup information. However, if you would prefer to jump right in, please see our [custom rules documentation](docs-dev/custom-rules-management.md) for information on how to configure this repo for use with custom rules followed by our [CLI documentation](CLI.md) for information on our commands to import and export rules.
|
||||
|
||||
## RTAs
|
||||
|
||||
Red Team Automations (RTAs) used to emulate attacker techniques and verify the rules can be found in dedicated
|
||||
repository - [Cortado](https://github.com/elastic/cortado).
|
||||
|
||||
|
||||
## Licensing
|
||||
|
||||
Everything in this repository — rules, code, etc. — is licensed under the [Elastic License v2](LICENSE.txt). These rules are designed to be used in the context of the Detection Engine within the Elastic Security application. If you’re using our [Elastic Cloud managed service](https://www.elastic.co/cloud/) or the default distribution of the Elastic Stack software that includes the [full set of free features](https://www.elastic.co/subscriptions), you’ll get the latest rules the first time you navigate to the detection engine.
|
||||
|
||||
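Review bot: In the new "Detections as Code (DaC)" paragraph, the first link goes to `https://dac-reference.readthedocs.io/en/latest/`, an external site that tracks `latest`, so the setup guidance it gives can drift from the CLI commands in a given checkout of this repo. The commit message mentions a DaC markdown document being added and docs moving to docs-dev, yet the paragraph links only `docs-dev/custom-rules-management.md` and `CLI.md`; consider linking that in-repo DaC document here as well so readers have a version-matched starting point. Wording in the same paragraph: "help one manage rules" reads more naturally as "help you manage rules", "DaC Specific Documentation" as "DaC-specific documentation", and the last sentence needs a comma before "followed by".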