Commit Graph

19 Commits

Author SHA1 Message Date
Thomas Patzke
1b7f33f5e2 Fixed undefined value in exception handling
Fixes issue #702.
2020-04-08 22:28:47 +02:00
Thomas Patzke
54c75167ce Default configurations for backends 2019-11-03 23:32:50 +01:00
Steven Goossens
6a1a96a918 Implement mapping when selecting the fields for the AQL query. This was not being done correctly 2019-10-16 16:37:09 +02:00
Steven Goossens
2837d3ba74 Added the cleanValue function for QRadar 2019-10-16 10:27:24 +02:00
Thomas Patzke
849a5a520d Conditional field mapping resolve_fieldname now functional
Before this method just had some placeholder function that wasn't really
implementing the intended functionality of the conditional field
mapping. Now aggregations get also conditional field mapping
functionality.
2019-10-09 23:57:41 +02:00
Thomas Patzke
c80cb418cd Improved QRadar regular expression support 2019-09-05 15:35:26 +02:00
Thomas Patzke
2a60c71b9d
Merge pull request #437 from svent/qradar_regex_modifier
QRadar backend: add support for re type modifiers
2019-09-05 10:30:18 +02:00
svent
467c8f694c QRadar backend: add support for re type modifiers 2019-09-03 22:55:48 +02:00
Steven Goossens
37caccd52e Includes the trial condition so a generic query is generated whenever the fields are not defined 2019-08-26 11:48:40 +00:00
Steven Goossens
895682aef2 Implementing the fields to be selected 2019-08-26 10:57:43 +00:00
svent
1ea6d00a39 Fix QRadar field name escaping and handling 2019-08-12 23:47:43 +02:00
Thomas Patzke
eb022f3908 Conditional field mapping for null values
Fixes #326
2019-04-25 23:24:05 +02:00
Mo Amiri
aa37ef2559 Extending the QRadar backend to allow for timeframe queries 2019-01-11 03:33:49 +00:00
James Dickenson
29bed766dd Removed re-introduced output class from QRadar backend. Fixed list handling error. 2018-08-21 22:45:12 -07:00
James Dickenson
9a61f40cef Added support for flow data in QRadar backend 2018-08-16 21:44:17 -07:00
James Dickenson
a8d1831382 Added aggregation support for QRadar backend 2018-08-13 23:04:10 -07:00
Thomas Patzke
b76fa884ec Changed copyright notices accordingly 2018-07-24 00:01:16 +02:00
Thomas Patzke
cf175d7b7e Removal from sigma.backends.qradar 2018-07-22 09:14:50 +02:00
Thomas Patzke
097660c678 Splitting backends - Copy qradar.py 2018-07-22 09:12:29 +02:00