mirror of
https://github.com/valitydev/SigmaHQ.git
synced 2024-11-06 09:25:17 +00:00
Release 0.17.0
This commit is contained in:
Thomas Patzke
parent
24d83b80cd
commit
80e8f0e5fa
21
CHANGELOG.md
21
CHANGELOG.md
@ -6,20 +6,39 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
|
||||
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html)
|
||||
from version 0.14.0.
|
||||
|
||||
## Unreleased
|
||||
## 0.17.0 - 2020-06-12
|
||||
|
||||
### Added
|
||||
|
||||
* LOGIQ Backend (logiq)
|
||||
* CarbonBlack backend (carbonblack) and field mappings
|
||||
* Elasticsearch detection rule backend (es-rule)
|
||||
* ee-outliers backend
|
||||
* CrowdStrike backend (crowdstrike)
|
||||
* Humio backend (humio)
|
||||
* Aggregations in SQL backend
|
||||
* SQLite backend (sqlite)
|
||||
* AWS Cloudtrail ECS mappings
|
||||
* Overrides
|
||||
* Zeek configurations for various backends
|
||||
* Case-insensitive matching for Elasticsearch
|
||||
* ECS proxy mappings
|
||||
* RuleName field mapping for Winlogbeat
|
||||
* sigma2attack tool
|
||||
|
||||
### Changed
|
||||
|
||||
* Improved usage of keyword fields for Elasticsearch-based backends
|
||||
* Splunk XML backend rule titles from sigma rule instead of file name
|
||||
* Moved backend option list to --help-backend
|
||||
* Microsoft Defender ATP schema improvements
|
||||
|
||||
### Fixed
|
||||
|
||||
* Splunx XML rule name is now set to rule title
|
||||
* Backend list deduplicated
|
||||
* Wrong escaping of wildcard at end of value when startswith modifier is used.
|
||||
* Direct execution of tools on Windows systems by addition of script entry points
|
||||
|
||||
## 0.16.0 - 2020-02-25
|
||||
|
||||
|
||||
@ -22,7 +22,7 @@ setup(
|
||||
author_email='thomas@patzke.org',
|
||||
license='LGPLv3',
|
||||
classifiers=[
|
||||
'Development Status :: 4 - Beta',
|
||||
'Development Status :: 5 - Production/Stable',
|
||||
'Intended Audience :: Developers',
|
||||
'Intended Audience :: Information Technology',
|
||||
'Intended Audience :: System Administrators',
|
||||
@ -31,6 +31,7 @@ setup(
|
||||
'License :: OSI Approved :: GNU Lesser General Public License v3 (LGPLv3)',
|
||||
'Programming Language :: Python :: 3.6',
|
||||
'Programming Language :: Python :: 3.7',
|
||||
'Programming Language :: Python :: 3.8',
|
||||
'Environment :: Console',
|
||||
],
|
||||
keywords='security monitoring siem logging signatures elasticsearch splunk ids sysmon',
|
||||
|
||||
Loading…
Reference in New Issue
Block a user