security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,834 Commits 1 Branch 0 Tags
724e34ba95ffb48d13e18a91c547800986164572
Commit Graph

5 Commits

Author SHA1 Message Date
Mika Ayenson 1f015ebe85 1554 update eql schemas to fail validation on text fields (#1866) 
* Ensure kql2eql conversion doesnt support `text` fields

* Add unit test cases for`text` not supported in eql

* test `field not recognized` in the rule_validator and output a verbose message.

* use elasticsearch_type_family to lookup text mappings

Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
 2022-03-23 16:22:26 -04:00
Ross Wolf 8d8bcfbc42 Add wildcard field support to KQL (#1139) 2021-04-22 11:15:38 -06:00
Justin Ibarra 3fc34b86f2 Update License to Elastic v2 (#944) 2021-03-03 22:12:11 -09:00
Ross Wolf 5f867dbb72 Add KQL -> DSL conversion (#81) 
* Add KQL -> DSL converter
* Lint with black to 120 chars
* Add more tests and flatten shoulds
* Fix NotValue conversion to DSL
 2020-07-22 11:05:45 -06:00
Ross Wolf 41809f1dc5 Add KQL module 2020-06-29 23:05:14 -06:00