security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
2,501 Commits 1 Branch 0 Tags
282f613ddfe35153abb84f66f15e5e02bebf3b14
Commit Graph

131 Commits

Author SHA1 Message Date
Terrance DeJesus 1a189a5749 [Python] Ignore Hunting Doc Changes for Version Code Checks (#4331) 
* Ignore hunting docs for version code checks

* added index.md to be ignored

---------

Co-authored-by: Ruben Groenewoud <78494512+Aegrah@users.noreply.github.com>
 2025-01-07 12:54:27 +01:00
shashank-elastic 2c848c5111 Prep for Release 8.18 (#4288) 2024-12-09 18:25:13 +05:30
shashank-elastic d2502c7394 Prep for Release 8.17 (#4256) 2024-11-07 23:53:04 +05:30
Mika Ayenson 2ca746c4b4 [FR] Reset package version and push tag via ci (#4260) 2024-11-07 12:11:00 -06:00
Mika Ayenson 48a051e3f1 [FR] Fetch history for versioning workflow (#4259) 2024-11-07 11:57:33 -06:00
Mika Ayenson c615df680f [FR] Update the release versioning process and workflow (#4257) 2024-11-07 11:31:54 -06:00
Mika Ayenson d9154c698a [Testing] Update release-drafter.yml (#4255) 2024-11-06 16:21:05 -06:00
Mika Ayenson b2b92b0edc [Testing] Update release-drafter.yml (#4254) 2024-11-06 16:00:18 -06:00
Mika Ayenson c1ac8f0fae [FR] DRAFT Release Workflow on PR Merge (#4253) 2024-11-06 15:36:09 -06:00
Mika Ayenson 63732436b4 [FR] Update release-drafter.yml (#4252) 2024-11-06 09:02:55 -06:00
Mika Ayenson 77f42f1168 [FR] Add Versioning Processes to DR (#4223) 2024-11-06 08:14:50 -06:00
Terrance DeJesus 50e23ba242 [Hunting] Re-factor Hunting Library Code (#4085) 
* updating python code for hunting library

* fixed okta queries; added MITRE search capability

* fixed hunting unit test imports

* fixed duplicate UUID; fixed duplicate index entry bug

* fixed technique finding sub-technique in search

* added more unit tests

* linted

* flake errors addressed; fixed unit test import; fixed markdown generate bug

* added description for generate-markdown command

* updated README

* adjusted YAML index, adjusted code for index changes

* adjusted relative imports; updated CODEOWNERS

* adding updates; moving to different branch for main dependencies

* finished run-query command; made some code adjustments

* removed some comments

* revised makefile; fixed unit tests; adjusted detection rules pyproject

* updated README

* updated README

* adjusted unit tests; adjusted hunt guidelines; updated makefile; adjusted several commands

* adjusted package to be more object-oriented

* removed unused variable

* Add simple breakdown stats

* addressed feedback; added keyword option for search

* Update hunting/README.md

Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>

* Update detection_rules/etc/test_hunting_cli.bash

Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com>

* addressing feedback

* addressed feedback

* added message for unknown index; fixed function call

* fixed search command

* fixed flake error

---------

Co-authored-by: Mika Ayenson <Mika.ayenson@elastic.co>
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com>
 2024-10-03 12:47:40 -04:00
shashank-elastic e2f1fcefa8 Add flag to update the docs/ATT&CK-coverage.md with markdown URL(s) (#4077) 2024-09-19 23:12:01 +05:30
shashank-elastic f3b0dc1954 Prep for next release 8.16 (#3919) 2024-07-24 11:19:56 -04:00
eric-forte-elastic baee89de9b Revert "Prep for next release 8.16 (#3914)" 
This reverts commit 4245a815d2.
 2024-07-23 14:06:04 -04:00
shashank-elastic 4245a815d2 Prep for next release 8.16 (#3914) 
* Prep for Release 8.16

* Add subscription

* Remove double subscription

* Formatting

* Formatting

* Revert Beaconing rules minstack and lock version
 2024-07-23 13:04:03 -04:00
Mika Ayenson 03c99d22d3 Revert "Prep for Release 8.16 (#3913)" 
This reverts commit 01135085f6.
 2024-07-23 09:50:04 -05:00
shashank-elastic 01135085f6 Prep for Release 8.16 (#3913) 2024-07-23 09:42:26 -05:00
shashank-elastic eca7185901 Remove Rule:Promotion labels and add other relavent labels (#3902) 2024-07-17 17:41:05 +05:30
Mika Ayenson c62321f810 [FR] Detection Rule PR Guidelines and Issue Forms (#3850) 2024-07-10 17:18:45 -05:00
shashank-elastic 50f0fb3518 Test case to check updated_date (#3818) 2024-07-03 19:17:27 +05:30
shashank-elastic 30ffe00012 Create an Issue in Kibana for MITRE Updates (#3796) 2024-07-02 18:57:41 +05:30
Justin Ibarra 74dd230e2d Trim codeowners (#3829) 2024-06-27 13:36:58 -05:00
shashank-elastic f9b3534cdd Test deprecated rule modification (#3727) 2024-06-07 19:24:36 +05:30
Terrance DeJesus f09a640ddf updating upload-artifact to version 4 (#3733) 
Co-authored-by: shashank-elastic <91139415+shashank-elastic@users.noreply.github.com>
 2024-06-03 12:04:01 -04:00
shashank-elastic 9d019dcf26 Fix nodeenv version dependancy (#3715) 2024-05-29 18:52:34 +05:30
shashank-elastic 63e91c2f12 Back-porting Version Trimming (#3704) 2024-05-23 00:45:10 +05:30
Mika Ayenson 2c3dbfc039 Revert "Back-porting Version Trimming (#3681)" 
This reverts commit 71d2c59b5c.
 2024-05-22 13:51:46 -05:00
shashank-elastic 71d2c59b5c Back-porting Version Trimming (#3681) 2024-05-23 00:11:50 +05:30
Mika Ayenson 79f575b33c [FR] Normalize yml ext to yaml (#3675) 2024-05-15 15:18:39 -05:00
shashank-elastic 50a8b52cd5 Prepare For Next Elastic Stack 8.15 (#3670) 2024-05-15 00:31:02 +05:30
Mika Ayenson 78837549e8 [FR] Bundle KQL & Kibana libs into base dependencies (#3662) 2024-05-13 14:29:03 -05:00
Mika Ayenson fc7cc2c06a [Bug] Update lock versions dependencies (#3525) 2024-03-21 19:05:24 +05:30
Mika Ayenson 5c3523954e [FR] Update Python Dependency Versions (#3515) 2024-03-19 14:07:16 -05:00
Mika Ayenson d26981f712 [FR] Independently package kql / kibana and bump to py3.12 (#3514) 2024-03-14 20:18:32 -05:00
Mika Ayenson 3d2a36be32 Revert "[FR] Independently package kql / kibana and bump to py3.12 (#3492)" 
This reverts commit fc139fc3c2.
 2024-03-14 19:48:50 -05:00
Mika Ayenson fc139fc3c2 [FR] Independently package kql / kibana and bump to py3.12 (#3492) 2024-03-14 19:14:25 -05:00
shashank-elastic a4094df732 Prepare For Next Elastic Stack Minor Release (#3490) 2024-03-06 21:26:54 +05:30
Mika Ayenson df6dd09db4 [FR] Add New Kibana Schema Issue Template (#3441) 2024-02-13 16:36:01 -06:00
Terrance DeJesus 06b97ec79b [Bug] Adjust build-release CLI and fix links when generating security docs (#3434) 
* removed historical argument; added setup string; fixed links

* fixing flake errors

* added types for command arguments

* adjusted get_release_diff to append strings for release tags

* set fetch-depth to 0 for integrations checkout in workflow

* changed the name of the workflow

* removed TODOs

* adjusted release docs workflow to remove prefix for release tags

* adjusted URL replacement only if pointed to docs site

* added elastic website to regex pattern

* add docstrings; adjusted regex; add note for stopgap

* added a note about the regex pattern for elastic URLs
 2024-02-12 10:08:06 -05:00
Terrance DeJesus 7df7ab5101 [Bug] Update Prebuilt Detection Rules Release Process (#3403) 
* release fleet workflow updates; build package integration reference changes

* updated commit hash extraction to output to env

* adjusted bump-pkg-versions to only include release if necessary

* fixed flake errors

* add historical argument for build-release set to yes by default

* Update detection_rules/devtools.py

* fixed fleet workflow; updated registry data references

* updated job names

* removed extract commit hash job and consolidated into fleet pr job

* added echo statement for current branch before checkout

* removed id from extract commit hash
 2024-02-06 08:59:06 -05:00
Eric Forte 90a2043bc4 [FR] 8.12 Release Preparation update Main Branch to 8.13 (#3313) 
* 8.12 Release Prep update Main Branch to 8.13

* Fix typo in integrations

* Updated Schemas
 2023-12-11 14:58:06 -05:00
Colson Wilhoit 10f00a3f88 Create new_meta.md (#3305) 
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
 2023-12-08 14:39:02 -06:00
Terrance DeJesus b4f8fc3290 [FR] 8.11 Release Preparation and Update Main Branch to 8.12 (#3182) 
* prepping for 8.12 branch

* added ananlytic manifests and schemas

* fix linting issues

* updated analytic package manifests and schemas
 2023-10-13 13:37:21 -04:00
Mika Ayenson 811d1b7727 label bbr rules (#3067) 2023-08-31 17:00:16 -05:00
Terrance DeJesus 08b646aa94 [FR] 8.10 Release Preparation and Update Main Branch to 8.11 (#3012) 
* prepping for 8.11 branch

* fixed lint errors

* added 8.11 to stack schema map

* trimmed version lock file; adjusted new terms validation

* reverting changes to version lock, stack schema and workflow
 2023-08-16 14:23:44 -04:00
Terrance DeJesus 35d373b2bd [FR] 8.9 Release Preparation and Update Main Branch to 8.10 (#2891) 
* adding new branch and refreshed schema

* fixed flake errors
 2023-06-29 11:39:11 -04:00
Terrance DeJesus 8db42da040 Limit backports to 8.3+ (#2450) 
* Drop Rule Support for Outdated Stack Versions Less Than 8.3

* changed version lock key assignment logic and updated version lock file

* added comment to stack-schema-map file

* changed version lock key assignment logic to use custom Version method)

* Update detection_rules/devtools.py

Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>

* reverting version lock file to original

* updated version lock from adjusted comparison logic of stack versions

* updated logic in devtools; removed < 8.3.0 in version lock file

* trimmed lock version before merge

---------

Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
 2023-06-12 12:51:40 -04:00
Terrance DeJesus 8766734c89 [Bug] Adding additional dependency typing-extensions (#2812) 
* added additional dependency

* addding pip cache purge
 2023-05-24 10:23:35 -04:00
Mika Ayenson ea9bfc3e2b Update trigger-react.yml (#2779) 2023-05-05 13:21:54 -04:00