Commit Graph

95 Commits

Author SHA1 Message Date
Thomas Patzke
bd9410fe06 Added CI test 2020-07-07 23:46:49 +02:00
bar
35bb8df0b5 updated makefile with stix coverage cmd 2020-07-07 16:39:59 +03:00
Thomas Patzke
f907c49ab5 Improved test coverage
* Added test case
* Removed unused code
2020-06-13 01:11:08 +02:00
Thomas Patzke
915ea1cc67 Merge branch 'script_entry_points' into master 2020-06-10 00:51:47 +02:00
Thomas Patzke
1d211565fc Moved backend options list to --backend-help 2020-06-06 00:56:00 +02:00
Jonas Plum
3a6ac5bd5c Remove unused function 2020-05-30 01:57:06 +02:00
Jonas Plum
5cc82d0f05 Move testcase 2020-05-30 00:56:06 +02:00
Jonas Plum
4a8ab88ade Fix test path 2020-05-30 00:15:38 +02:00
Jonas Plum
70935d26ce Add license header 2020-05-29 23:56:05 +02:00
Jonas Hagg
abf1a2c6d7 Adjusted Makefile 2020-05-25 11:58:55 +02:00
Thomas Patzke
daf7ab5ff7 Cleanup: removal of corelight_* backends 2020-05-24 22:41:38 +02:00
Thomas Patzke
d45f8e19fe Fixes 2020-05-24 21:46:55 +02:00
Tiago Faria
06abd6e76a added ci tests for ecs-cloudtrail 2020-05-14 14:03:23 +01:00
Remco Hofman
c5c5e1b79b Added ee-outliers test to Makefile 2020-05-08 17:51:35 +02:00
Florian Roth
030898ba9c Merge branch 'master' into override-coverage 2020-05-02 14:22:03 +02:00
Thomas Patzke
72c2241bb4 Cleanup
* Added CI test
* Added changelog entry
2020-04-08 23:39:38 +02:00
Thomas Patzke
13dbb4cdbd Moved tools into sigma namespace 2020-03-31 23:46:58 +02:00
Florian Roth
6aba430de6 fix: sigma_uuid occurrences 2020-03-31 16:29:58 +02:00
David Szili
0947538228 MDATP schema changes
WDATP was renamed to MDATP (Microsoft Defender ATP).
MDATP also had schema changes recently: https://techcommunity.microsoft.com/t5/microsoft-defender-atp/advanced-hunting-data-schema-changes/ba-p/1043914
The updates reflect these changes
2020-03-09 17:12:41 +01:00
Thomas Patzke
5a2ccbd040 Fixed ArcSight backend visibility 2020-02-24 23:27:22 +01:00
Thomas Patzke
6236429f3d Added/changed CI tests 2020-02-24 23:21:11 +01:00
Thomas Patzke
fa4c76871f Added CI test for sql backend 2020-02-21 22:27:55 +01:00
Thomas Patzke
638d461b16 Added ala-rule backend to CI testing 2020-01-13 13:47:11 +01:00
Thomas Patzke
530ac854df Added sigma2attack to CI testing 2019-12-20 22:53:22 +01:00
Thomas Patzke
b701e9be50 Added ECS proxy configuration 2019-12-09 16:34:07 +01:00
Johan Berggren
d8e1f56219 Add source distribution for PyPi when building
Add sdist when building. This makes it easier to build packages from PyPi for example Debian PPA pkgs etc.
This will not affect anything else, just make the source distribution available in PyPi as a tar.gz archive.

If this gets merged, please bump the version and push to PyPi as well.
2019-12-06 15:45:28 +01:00
Thomas Patzke
8d8530be2a Added UUID check to CI tests 2019-11-12 23:15:30 +01:00
Maxime Lamothe-Brassard
91e48d8c1b Adding setup links and fixing test that would crash Not node, but not seen in prod rules. 2019-10-27 11:56:32 -05:00
Hilko Bengen
d759896e07 Make coverage binary overridable
This makes it possible to pass a different coverage program to make
test, e.g.:

    make test COVERAGE=python3-coverage
2019-10-23 15:42:25 +02:00
Thomas Patzke
d5885686fc Sigmatools release 0.12
* Value modifiers
* Config name cleanup
2019-08-01 23:45:07 +02:00
Thomas Patzke
805c739611 Merge branch 'devel-modifiers' 2019-07-31 23:44:10 +02:00
Thomas Patzke
0ca15e5c5e Added test case for value modifiers 2019-07-16 23:14:55 +02:00
Thomas Patzke
b9ff280209 Cleanup of configuration names 2019-07-14 00:50:15 +02:00
Thomas Patzke
6fab5d7f23 Improved testing and removed dead&debug code 2019-06-29 00:09:53 +02:00
Thomas Patzke
0c7151c901 Watcher backend default options, refactoring and testing 2019-06-28 23:22:16 +02:00
Thomas Patzke
67707b6c82 Added test for new elastalert-dsl backend 2019-05-30 22:38:12 +02:00
Thomas Patzke
11ed7e7ef8 Check for valid configuration/backend combinations 2019-05-20 01:00:33 +02:00
Thomas Patzke
e271484eef Load configurations via new config management 2019-05-20 00:27:35 +02:00
Thomas Patzke
6918784e87 Configuration order checking 2019-04-23 00:54:10 +02:00
Thomas Patzke
d0bd8a2a41 Mandatory configuration for most backends 2019-04-22 23:40:21 +02:00
Thomas Patzke
5e973a6321 Fixes and CI testing of --backend-config 2019-03-15 23:46:38 +01:00
Thomas Patzke
3f7e08733a Added backend option 'sysmon' for ala backend 2019-03-15 23:26:15 +01:00
Thomas Patzke
8d1723e65c Merge branch 'master' of https://github.com/tuckner/sigma into tuckner-master 2019-03-15 23:06:08 +01:00
Thomas Patzke
6d97c6d0bb Extended elastalert CI testing 2019-03-08 00:04:43 +01:00
John Tuckner
1182ee2de2 added ala to makefile 2019-03-07 10:43:22 -06:00
Thomas Patzke
c922f7d73f Merge branch 'master' into project-1 2019-02-26 00:24:46 +01:00
Thomas Patzke
3c7f46a6cd Added rule test to CI testing 2019-01-23 23:31:36 +01:00
Thomas Patzke
a9cf14438c Merge branch 'master' into project-1 2019-01-14 22:36:15 +01:00
Thomas Patzke
b520897176 Added CI testing for SumoLogic backend 2018-12-10 22:36:08 +01:00
Thomas Patzke
1118b80288 Added elastalert backend to CI testing 2018-11-29 00:00:00 +01:00