sigma-rules

Author	SHA1	Message	Date
Apoorva Joshi	1f7c88c6f4	Updating rules to query v2 (#1254 ) Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>	2021-06-15 07:20:50 -07:00
Justin Ibarra	3fc34b86f2	Update License to Elastic v2 (#944 )	2021-03-03 22:12:11 -09:00
Justin Ibarra	97ee8cc9ac	Refresh beats and ecs schemas and default to use latest to validate (#570 ) * Refresh beats and ecs schemas and default to use latest to validate * remove incorrect ecs_version from zoom rule * remove stale ecs_version from rules	2020-12-01 13:24:20 -09:00
seth-goodwin	2065af89b1	[Rule Tuning] Tag Categorization Updates (#380 ) * Add new categorization tags * Change updated_date to 2020/10/26 Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>, @bm11100	2020-10-26 13:50:45 -05:00
Brent Murphy	2e422f7159	[Rule Tuning] Minor Rule Tweaks for 7.10 (#400 ) * Tweak Rules for 7.10 * Add endpoint index for packetbeat rules * update unit test to account for Network tag as well * update modified date, add endpoint tag * use Host instead of Endpoint * Update packaging.py * add v back to changelog url * Add "tag" comment to get_markdown_rule_info Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com> Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>	2020-10-22 09:07:04 -04:00
Craig Chamberlain	dd65dad9dc	[New Rule] Unusual Process Calling the Metadata Service [Linux] (#321 ) * Create ml_linux_anomalous_metadata_process.toml rule creation * Update rules/ml/ml_linux_anomalous_metadata_process.toml Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com> * Update ml_linux_anomalous_metadata_process.toml Co-authored-by: Brent Murphy <56412096+bm11100@users.noreply.github.com>	2020-09-23 15:29:48 -04:00

6 Commits