Thomas Patzke
bd9410fe06
Added CI test
2020-07-07 23:46:49 +02:00
bar
35bb8df0b5
updated makefile with stix coverage cmd
2020-07-07 16:39:59 +03:00
Thomas Patzke
f907c49ab5
Improved test coverage
...
* Added test case
* Removed unused code
2020-06-13 01:11:08 +02:00
Thomas Patzke
915ea1cc67
Merge branch 'script_entry_points' into master
2020-06-10 00:51:47 +02:00
Thomas Patzke
1d211565fc
Moved backend options list to --backend-help
2020-06-06 00:56:00 +02:00
Jonas Plum
3a6ac5bd5c
Remove unused function
2020-05-30 01:57:06 +02:00
Jonas Plum
5cc82d0f05
Move testcase
2020-05-30 00:56:06 +02:00
Jonas Plum
4a8ab88ade
Fix test path
2020-05-30 00:15:38 +02:00
Jonas Plum
70935d26ce
Add license header
2020-05-29 23:56:05 +02:00
Jonas Hagg
abf1a2c6d7
Adjusted Makefile
2020-05-25 11:58:55 +02:00
Thomas Patzke
daf7ab5ff7
Cleanup: removal of corelight_* backends
2020-05-24 22:41:38 +02:00
Thomas Patzke
d45f8e19fe
Fixes
2020-05-24 21:46:55 +02:00
Tiago Faria
06abd6e76a
added ci tests for ecs-cloudtrail
2020-05-14 14:03:23 +01:00
Remco Hofman
c5c5e1b79b
Added ee-outliers test to Makefile
2020-05-08 17:51:35 +02:00
Florian Roth
030898ba9c
Merge branch 'master' into override-coverage
2020-05-02 14:22:03 +02:00
Thomas Patzke
72c2241bb4
Cleanup
...
* Added CI test
* Added changelog entry
2020-04-08 23:39:38 +02:00
Thomas Patzke
13dbb4cdbd
Moved tools into sigma namespace
2020-03-31 23:46:58 +02:00
Florian Roth
6aba430de6
fix: sigma_uuid occurances
2020-03-31 16:29:58 +02:00
David Szili
0947538228
MDATP schema changes
...
WDATP was renamed to MDATP (Microsoft Defendre ATP).
MDATP also had schema changes recently: https://techcommunity.microsoft.com/t5/microsoft-defender-atp/advanced-hunting-data-schema-changes/ba-p/1043914
The updates reflect these changes
2020-03-09 17:12:41 +01:00
Thomas Patzke
5a2ccbd040
Fixed ArcSight backend visibility
2020-02-24 23:27:22 +01:00
Thomas Patzke
6236429f3d
Added/changed CI tests
2020-02-24 23:21:11 +01:00
Thomas Patzke
fa4c76871f
Added CI test for sql backend
2020-02-21 22:27:55 +01:00
Thomas Patzke
638d461b16
Added ala-rule backend to CI testing
2020-01-13 13:47:11 +01:00
Thomas Patzke
530ac854df
Added sigma2attack to CI testing
2019-12-20 22:53:22 +01:00
Thomas Patzke
b701e9be50
Added ECS proxy configuration
2019-12-09 16:34:07 +01:00
Johan Berggren
d8e1f56219
Add source distribution for PyPi when building
...
Add sdist when building. This makes it easier to build packages from PyPi for example Debian PPA pkgs etc.
This will not affect anything else, just make the source distribution available in PyPi as a tar.gz archive.
If this gets merged, please bump the version and push to PyPi as well.
2019-12-06 15:45:28 +01:00
Thomas Patzke
8d8530be2a
Added UUID check to CI tests
2019-11-12 23:15:30 +01:00
Maxime Lamothe-Brassard
91e48d8c1b
Adding setup links and fixing test that would crash Not node, but not seen in prod rules.
2019-10-27 11:56:32 -05:00
Hilko Bengen
d759896e07
Make coverage binary overridable
...
This makes it possible to pass a different coverage program to make
test, e.g.:
make test COVERAGE=python3-coverage
2019-10-23 15:42:25 +02:00
Thomas Patzke
d5885686fc
Sigmatools release 0.12
...
* Value modifiers
* Config name cleanup
2019-08-01 23:45:07 +02:00
Thomas Patzke
805c739611
Merge branch 'devel-modifiers'
2019-07-31 23:44:10 +02:00
Thomas Patzke
0ca15e5c5e
Added test case for value modifiers
2019-07-16 23:14:55 +02:00
Thomas Patzke
b9ff280209
Cleanup of configuration names
2019-07-14 00:50:15 +02:00
Thomas Patzke
6fab5d7f23
Improved testing and removed dead&debug code
2019-06-29 00:09:53 +02:00
Thomas Patzke
0c7151c901
Watcher backend default options, refactoring and testing
2019-06-28 23:22:16 +02:00
Thomas Patzke
67707b6c82
Added test for new elastalert-dsl backend
2019-05-30 22:38:12 +02:00
Thomas Patzke
11ed7e7ef8
Check for valid configuration/backend combinations
2019-05-20 01:00:33 +02:00
Thomas Patzke
e271484eef
Load configurations via new config management
2019-05-20 00:27:35 +02:00
Thomas Patzke
6918784e87
Configuration order checking
2019-04-23 00:54:10 +02:00
Thomas Patzke
d0bd8a2a41
Mandatory configuration for most backends
2019-04-22 23:40:21 +02:00
Thomas Patzke
5e973a6321
Fixes and CI testing of --backend-config
2019-03-15 23:46:38 +01:00
Thomas Patzke
3f7e08733a
Added backend option 'sysmon' for ala backend
2019-03-15 23:26:15 +01:00
Thomas Patzke
8d1723e65c
Merge branch 'master' of https://github.com/tuckner/sigma into tuckner-master
2019-03-15 23:06:08 +01:00
Thomas Patzke
6d97c6d0bb
Extended elastalert CI testing
2019-03-08 00:04:43 +01:00
John Tuckner
1182ee2de2
added ala to makefile
2019-03-07 10:43:22 -06:00
Thomas Patzke
c922f7d73f
Merge branch 'master' into project-1
2019-02-26 00:24:46 +01:00
Thomas Patzke
3c7f46a6cd
Added rule test to CI testing
2019-01-23 23:31:36 +01:00
Thomas Patzke
a9cf14438c
Merge branch 'master' into project-1
2019-01-14 22:36:15 +01:00
Thomas Patzke
b520897176
Added CI testing for SumoLogic backend
2018-12-10 22:36:08 +01:00
Thomas Patzke
1118b80288
Added elastalert backend to CI testing
2018-11-29 00:00:00 +01:00