security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
3c9079faf39b2b2d5dc1c52f2340bb4f80ffd825
sigma-rules/tests
T
History
Justin Ibarra 3c9079faf3 Ensure EQL rules with maxspan have a long enough lookback window (#1361) 
* Add the following properties to EQLRuleData:
   - max_span
   - look_back
   - interval_ratio

* Add the following tests:
   - test_eql_lookback
   - test_eql_interval_to_maxspan

Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>

(cherry picked from commit 7759fa2500)
2021-07-22 21:54:04 +00:00
..
kuery
Add KQL support for additional ES field types (#1247)
2021-06-10 22:30:11 -06:00
__init__.py
Update License to Elastic v2 (#944)
2021-03-03 22:12:11 -09:00
base.py
Add a RuleCollection object instead of a "loader" module (#1063)
2021-04-05 14:23:37 -06:00
test_all_rules.py
Ensure EQL rules with maxspan have a long enough lookback window (#1361)
2021-07-22 21:54:04 +00:00
test_mappings.py
Separate out query validation from the class hierarchy (#1136)
2021-04-21 14:55:26 -06:00
test_packages.py
Simplify version locking code and fix 7.13.0 lock (#1295)
2021-06-16 18:02:47 -06:00
test_schemas.py
Update cardinality field in schema for threshold rules (#1349)
2021-07-21 16:33:59 +00:00
test_toml_formatter.py
Move Rule into a dataclass (#1029)
2021-03-24 10:24:32 -06:00
test_utils.py
Update License to Elastic v2 (#944)
2021-03-03 22:12:11 -09:00