security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
0e2eb5a84ceed252b5fafebf64fd5eb97d3074de
sigma-rules/detection_rules
T
History
Jonhnathan 67ca13c1ce [Rule Tuning] Replace KQL exceptions for Query DSL Exceptions (#3505) 
* [Rule Tuning] Replace KQL exceptions for Query DSL Exceptions

* update min_stack

* build out schema in more detail for Filters

* Update detection_rules/rule.py

Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>

* Remove enum for definition

* remove unused import

* remove $state store

* transform state

* add call to super

* add return type hint

* use dataclass metadata

* use Literal type

---------

Co-authored-by: Samirbous <64742097+Samirbous@users.noreply.github.com>
Co-authored-by: Mika Ayenson <Mika.ayenson@elastic.co>
Co-authored-by: Terrance DeJesus <99630311+terrancedejesus@users.noreply.github.com>
Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com>
2024-04-01 17:44:50 -03:00
..
etc
Lock versions for releases: 8.3,8.4,8.5,8.6,8.7,8.8,8.9,8.10,8.11,8.12,8.13 (#3526)
2024-03-21 20:30:46 +05:30
schemas
[Rule Tuning] Replace KQL exceptions for Query DSL Exceptions (#3505)
2024-04-01 17:44:50 -03:00
__init__.py
[FR] Independently package kql / kibana and bump to py3.12 (#3514)
2024-03-14 20:18:32 -05:00
__main__.py
[FR] Independently package kql / kibana and bump to py3.12 (#3514)
2024-03-14 20:18:32 -05:00
attack.py
[FR] Adapt PyPi semver Library and Remove Custom (#2503)
2023-02-07 14:26:29 -05:00
beats.py
[Bug] Use integration schemas for required_field types (#3303)
2023-12-11 11:32:38 -06:00
cli_utils.py
[Bug] Fix BBR Folder Location Requirements for Specific Integrations (#3348)
2023-12-19 15:36:45 -05:00
devtools.py
Fix create PR in release workflow (#3528)
2024-04-01 21:17:10 +05:30
docs.py
[Bug] Fix URL links in autogenerated security docs (#3474)
2024-02-23 16:50:33 -05:00
ecs.py
[FR] Add Support for Multi-Fields and Validation in Rules (#2882)
2023-06-28 20:35:33 -04:00
endgame.py
add support for additional endgame field types (#2372)
2022-10-19 11:11:09 -04:00
eswrap.py
Update sort parameter (#3531)
2024-03-25 11:46:30 -04:00
ghwrap.py
Update package and install process (#1948)
2022-12-08 15:49:49 -05:00
integrations.py
[FR] 8.12 Release Preparation update Main Branch to 8.13 (#3313)
2023-12-11 14:58:06 -05:00
kbwrap.py
[Bug] Strip Non-Public Fields Prior to Uploading Rules (#2986)
2023-08-02 12:38:48 -05:00
main.py
[FR] Add required-fields option to import-rules (#3546)
2024-03-28 18:29:47 -05:00
mappings.py
Release ER Production RTAs to DR (#2270)
2022-09-08 12:50:39 -04:00
misc.py
[FR] Update Python Dependency Versions (#3515)
2024-03-19 14:07:16 -05:00
mixins.py
[FR] Adapt PyPi semver Library and Remove Custom (#2503)
2023-02-07 14:26:29 -05:00
ml.py
Refactor experimental ML CLI and code (#1218)
2021-06-02 20:37:12 -08:00
navigator.py
[FR] Update build-release to support bbr release (#2987)
2023-07-31 15:20:18 -04:00
packaging.py
[Bug] Adjust build-release CLI and fix links when generating security docs (#3434)
2024-02-12 10:08:06 -05:00
remote_validation.py
[FR] Add Support for ES|QL Rule Type and Remote Validation (#3281)
2023-12-08 12:46:28 -07:00
rule_formatter.py
Validate markdown plugin fields (#2602)
2023-03-28 09:17:50 -04:00
rule_loader.py
[FR] Add support for BBR rules to the rule loader (#2968)
2023-07-27 11:27:04 -05:00
rule_validators.py
[FR] Add support for dataviews in the rule schema (#3510)
2024-03-14 17:43:27 -05:00
rule.py
[Rule Tuning] Replace KQL exceptions for Query DSL Exceptions (#3505)
2024-04-01 17:44:50 -03:00
utils.py
[FR] Independently package kql / kibana and bump to py3.12 (#3514)
2024-03-14 20:18:32 -05:00
version_lock.py
[Bug][FR] Remove Rule Type Change Restriction and Fix Version Lock Bug (#2769)
2023-05-02 11:00:36 -04:00