Commit Graph

14 Commits

Author SHA1 Message Date
Florian Roth
9971192bff Create README.md 2017-03-03 13:45:55 +01:00
Florian Roth
b984d83685 Typo in help text 2017-03-03 12:47:20 +01:00
Thomas Patzke
8f3541f0a0 Added Splunk backend 2017-03-02 23:34:12 +01:00
Thomas Patzke
2dd1c7cd12 Deactivated not implemented backends 2017-03-02 22:55:45 +01:00
Thomas Patzke
9556e73cd1 Fix: automatic escaping of * and ? in es-qs backend removed 2017-03-02 12:07:07 +01:00
Thomas Patzke
10ee9c64fe Moved node output into dedicated backend class methods 2017-03-01 21:47:51 +01:00
Thomas Patzke
0d470af0e7 Set sigmac default backend to 'es-qs' 2017-03-01 09:40:51 +01:00
Thomas Patzke
e0f813ebbb Conversion to Elasticsearch Query Strings
First version of sigmac that converts Sigma YAMLs without aggregations
into ES Query Strings suitable for Kibana or other tools.
2017-03-01 00:03:34 +01:00
Thomas Patzke
58f2118ef4 Parsing of search expressions
* Tokenization
* Building a parse tree
* Aggregations not yet implemented
2017-02-24 23:36:19 +01:00
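The three commits above (condition tokenizer, parse tree, conversion to Elasticsearch query strings) together with 9556e73cd1 (wildcards `*` and `?` must not be escaped) describe one pipeline. The following is an added illustration of that pipeline written for this page; it is not sigmac's code and does not mirror its class layout. The sample rule, the `RULE`, `tokenize`, `Parser`, `escape_value` and `convert` names, and the ES query-string escaping table are all assumptions made here. Aggregations (`| count() ...`) and `1 of them`-style modifiers are deliberately out of scope, matching the "without aggregations" note.

```python
import re

# Constructed sample rule (not from the Sigma repository): the detection section
# of a Sigma YAML, already loaded into a dict so the example runs without PyYAML.
RULE = {
    "detection": {
        "selection": {
            "EventID": 1,
            "Image": "*\\powershell.exe",      # '*' is a Sigma wildcard
            "CommandLine": "* -enc *",         # space and '-' are ES-reserved
        },
        "filter": {"User": ["SYSTEM", "LOCAL SERVICE"]},   # list = OR of values
        "condition": "selection and not filter",
    }
}

# Elasticsearch query-string reserved characters (plus whitespace) that need a
# backslash. '*' and '?' are intentionally NOT in this set: they are Sigma
# wildcards and must reach Elasticsearch unescaped (the 9556e73cd1 fix).
RESERVED = set('+-=><!(){}[]^"~:\\/&| ')


def escape_value(value, keep_wildcards=True):
    """Escape a field value for an ES query string. keep_wildcards=False shows the
    pre-fix behaviour, where '*' and '?' were escaped and became literal characters."""
    out = []
    for ch in str(value):
        if ch in "*?":
            out.append(ch if keep_wildcards else "\\" + ch)
        elif ch in RESERVED:
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


# --- tokenizer: parentheses, keywords and detection identifiers ---------------
TOKEN_RE = re.compile(r"\s*(\(|\)|[A-Za-z0-9_]+)")
KEYWORDS = ("and", "or", "not")


def tokenize(condition):
    tokens, pos, condition = [], 0, condition.strip()
    while pos < len(condition):
        m = TOKEN_RE.match(condition, pos)
        if not m:
            raise ValueError(f"unexpected input at {pos}: {condition[pos:]!r}")
        tok = m.group(1)
        tokens.append(tok.lower() if tok.lower() in KEYWORDS else tok)
        pos = m.end()
    return tokens


# --- recursive-descent parser, precedence not > and > or ----------------------
# Parse tree nodes are tuples: ("id", name), ("not", x), ("and", a, b), ("or", a, b)
class Parser:
    def __init__(self, tokens):
        self.tokens, self.pos = tokens, 0

    def peek(self):
        return self.tokens[self.pos] if self.pos < len(self.tokens) else None

    def take(self, expected=None):
        tok = self.peek()
        if tok is None or (expected is not None and tok != expected):
            raise ValueError(f"expected {expected or 'a token'}, got {tok!r}")
        self.pos += 1
        return tok

    def parse(self):
        node = self.expr()
        if self.peek() is not None:
            raise ValueError(f"trailing token {self.peek()!r}")
        return node

    def expr(self):                      # expr := term ('or' term)*
        node = self.term()
        while self.peek() == "or":
            self.take()
            node = ("or", node, self.term())
        return node

    def term(self):                      # term := factor ('and' factor)*
        node = self.factor()
        while self.peek() == "and":
            self.take()
            node = ("and", node, self.factor())
        return node

    def factor(self):                    # factor := 'not' factor | '(' expr ')' | IDENT
        tok = self.take()
        if tok == "not":
            return ("not", self.factor())
        if tok == "(":
            node = self.expr()
            self.take(")")               # parenthesised groups are handled here
            return node
        if tok in (")", "and", "or"):
            raise ValueError(f"unexpected {tok!r}")
        return ("id", tok)


# --- ES query-string backend ---------------------------------------------------
def field_to_qs(field, value):
    if isinstance(value, list):          # list of values: any may match
        parts = [f"{field}:{escape_value(v)}" for v in value]
        return parts[0] if len(parts) == 1 else "(" + " OR ".join(parts) + ")"
    return f"{field}:{escape_value(value)}"


def detection_to_qs(detection):
    if isinstance(detection, list):      # list of maps: OR of the maps
        return "(" + " OR ".join(detection_to_qs(d) for d in detection) + ")"
    parts = [field_to_qs(f, v) for f, v in detection.items()]   # map: AND of fields
    return parts[0] if len(parts) == 1 else "(" + " AND ".join(parts) + ")"


def ast_to_qs(node, detections):
    kind = node[0]
    if kind == "id":
        return detection_to_qs(detections[node[1]])
    if kind == "not":
        return "NOT " + ast_to_qs(node[1], detections)
    left, right = ast_to_qs(node[1], detections), ast_to_qs(node[2], detections)
    return f"({left} {kind.upper()} {right})"


def convert(rule):
    """Sigma detection dict -> Elasticsearch query string (no aggregations)."""
    detection = rule["detection"]
    named = {k: v for k, v in detection.items() if k != "condition"}
    tree = Parser(tokenize(detection["condition"])).parse()
    return ast_to_qs(tree, named)


if __name__ == "__main__":
    print(convert(RULE))
```

Running it prints `((EventID:1 AND Image:*\\powershell.exe AND CommandLine:*\ \-enc\ *) AND NOT (User:SYSTEM OR User:LOCAL\ SERVICE))`, which can be pasted into a Kibana search bar. The practical point of the escaping table is the wildcard case: `escape_value("*\\powershell.exe", keep_wildcards=False)` yields `\*\\powershell.exe`, which matches only a literal asterisk and so silently turns a broad detection into one that never fires.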
Thomas Patzke
ec9f42410a Intermediate backup state: Parsing of most conditions
* Conditions with parentheses cause exceptions
2017-02-22 22:43:35 +01:00
Thomas Patzke
0543ef7e75 sigmac: Condition Tokenizer 2017-02-16 23:58:44 +01:00
Thomas Patzke
ce43dce7ef Parsing of detections
Transformation of detections into internal data structures. Parsing must
be changed later to on-demand parsing because the condition can change
the default behavior of lists.
2017-02-16 00:40:08 +01:00
Thomas Patzke
980ed9c5c7 Moved YAML parsing into SigmaParser class 2017-02-13 23:31:42 +01:00
Thomas Patzke
1498d787e7 Added Sigma converter skeleton
* YAML parsing
* argument parsing
* empty backend classes
2017-02-13 23:28:53 +01:00