valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Optimizing Qradar query generation in cases where field definitions are missing

Browse Source
This commit is contained in:
Gregor 2021-01-26 15:24:44 +01:00
parent ac3730d2fa
commit 921ebf7445
1 changed files with 0 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
tools/sigma/backends/qradar.py
View File

@ -215,7 +215,6 @@ class QRadarBackend(SingleTextQueryBackend):
except KeyError: # no 'fields' attribute
mapped = None
qradarPrefix+="UTF8(payload) as search_payload"
pass
qradarPrefix += " from %s where " % (aql_database)