security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
576 Commits 1 Branch 0 Tags
8ee1b2ffd477ebb5c267ea6527bfadddee7cbbca
Commit Graph

17 Commits

Author SHA1 Message Date
Justin Ibarra fc9dfde2c4 Generate an integrations package from a release (#983) 
* Generate an integrations package files during a release build
 2021-03-09 13:30:12 -09:00
Justin Ibarra 3fc34b86f2 Update License to Elastic v2 (#944) 2021-03-03 22:12:11 -09:00
Justin Ibarra b04218ec21 [CLI] Add repo option to kibana-diff command (#952) 2021-02-17 23:49:40 -09:00
Justin Ibarra 56dc4745b5 Add export-rules command (#639) 
* Add export-rule command to CLI
* add `export` method to packaging class
 2021-02-08 20:43:16 -09:00
Justin Ibarra b012a23df8 Auth to Kibana connector using an existing cookie (#711) 2020-12-12 16:10:52 -09:00
Justin Ibarra 366e5002e1 [FR] Add experimental ML DGA CLI support (#361) 
* Add DGA model commands
* Add upload/delete ML job command
* Add DGA release management commands
* Add Manifest handling
* Add GithubClient object
 2020-12-01 22:25:33 -09:00
Justin Ibarra ad4a2ef0eb Add test commands to search and survey rule hits (#485) 2020-11-17 13:08:00 -09:00
Ross Wolf 8ca32f1423 Fix ClientError (NoneType) suffix 2020-11-09 11:08:36 -07:00
Justin Ibarra bd680a2bd4 Re-organize commands under more specific click groups (#356) 
* Restructure commands under more specific click groups
* standardize CLI error handling
* add global debug options
* move es and kibana clients into their click groups
* move commands and groups to dedicated files 
* distinguish variable names for better env/config parsing
 2020-10-07 12:15:33 -08:00
Justin Ibarra 6ad3344af3 Collect unique query fields per rule (#296) 2020-09-23 14:36:34 -08:00
Ross Wolf 453553f685 Change the way we get environment variables (#280) 
* Change the way we get environment variables
* Change environ to getenv
* Read from envvar, then config file
* Switch to get_path
* Lint: Remove unused import
* Add --cloud-id/--elasticsearch-url
* Fix comment copy-pasta
 2020-09-16 10:23:22 -06:00
Ross Wolf 9d22970e21 Add EQL rules and schema validation (#297) 
* Add EQL rules and schema validation
* Lint nitpick
* Rename get_schema_from_eql
* Add EQL default language
* Rename parsed_kql to parsed_query
* Fix parsed_kql method call in loader
* Autopopulate dependent values
 2020-09-16 08:36:48 -06:00
Justin Ibarra 6b7ea7e66c Fix kibana-diff command (#198) 2020-09-02 12:19:17 -05:00
Ross Wolf 0455307577 Downgrade rule version before uploading to Kibana (#97) 
* Downgrade version before uploading to Kibana
* Update downgrade exception format
* Update s/siem/detection

Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>
 2020-07-28 11:03:47 -06:00
Ross Wolf 16fb306254 Add command to upload to kibana (#58) 
* Add upload command to kibana
* Restore skipped fields
* Change prefix to DR_
* Add note to manage_versions call
* Reorder requirements.txt to trigger build
 2020-07-20 15:58:28 -06:00
Justin Ibarra 119c98f05f Package kibana index file with release rules (#40) 2020-07-08 18:58:00 -05:00
Ross Wolf 3b305d3003 Add rule loader and dependencies 
Co-Authored-By: Justin Ibarra <brokensound77@users.noreply.github.com>
 2020-06-29 23:17:42 -06:00