Commit Graph

54 Commits

Author SHA1 Message Date
Thomas Patzke
8688e8a2a1 Script entrypoint stubs 2020-06-07 00:22:59 +02:00
Thomas Patzke
13dbb4cdbd Moved tools into sigma namespace 2020-03-31 23:46:58 +02:00
Florian Roth
18e505c458 fix: list_configurations default values 2020-03-31 12:42:02 +02:00
Florian Roth
c82156a3c9 fix: second list_configurations function params 2020-03-31 11:46:05 +02:00
Florian Roth
23ce69eaae fix: functions parameters outside of main 2020-03-31 11:42:16 +02:00
Florian Roth
536ad78fc2 refactor: following best practices reg main functions in Python
https://realpython.com/python-main-function/
2020-03-31 11:30:14 +02:00
Thomas Patzke
4ee2c2762e Sorting of backend and configuration lists 2020-02-24 22:59:59 +01:00
Thomas Patzke
1bc2c0b930 Deduplication of backend list
Fixes issue #609. Added backend list debug output (class name).
2020-02-03 22:16:00 +01:00
Thomas Patzke
2222550b6e Allow ignore of type errors with sigmac -I 2019-11-08 23:56:39 +01:00
Thomas Patzke
54c75167ce Default configurations for backends 2019-11-03 23:32:50 +01:00
Thomas Patzke
95c8d25858 Improved --backend-config help text 2019-10-07 22:30:57 +02:00
Thomas Patzke
805c739611 Merge branch 'devel-modifiers' 2019-07-31 23:44:10 +02:00
Thomas Patzke
337681cfce Value modifiers
* First transformation modifiers: contains, all
* Sigma converter modifier list
2019-06-30 23:41:28 +02:00
Thomas Patzke
d82df83ef1 Merge pull request #369 from TareqAlKhatib/refactors
Refactors
2019-06-19 23:16:19 +02:00
Tareq AlKhatib
d61a971874 Minor refactors 2019-06-10 09:55:52 +03:00
Thomas Patzke
36ba9f78da Improved message if configuration is missing 2019-05-27 13:18:36 +02:00
Thomas Patzke
38f3966751 Changed backend list formatting to new method 2019-05-26 22:58:14 +02:00
Thomas Patzke
84690280c5 Improved behavior on missing configuration
Listing all configs usable with chosen backend
2019-05-24 22:41:47 +02:00
Thomas Patzke
97541ac267 Added -C shortcut for --backend-config 2019-05-21 00:15:01 +02:00
Thomas Patzke
11ed7e7ef8 Check for valid configuration/backend combinations 2019-05-20 01:00:33 +02:00
Thomas Patzke
e271484eef Load configurations via new config management 2019-05-20 00:27:35 +02:00
Thomas Patzke
3d20e0bc98 Sigma configuration management with listing
Missing:
* Use config by identifier
2019-05-17 09:13:59 +02:00
Thomas Patzke
763939a8ca Hide --shoot-yourself-in-the-foot 2019-04-25 23:42:13 +02:00
Thomas Patzke
6918784e87 Configuration order checking 2019-04-23 00:54:10 +02:00
Thomas Patzke
c90d3e811e Formatted error code definitions 2019-04-23 00:53:52 +02:00
Thomas Patzke
e9af99c147 Completed error codes 2019-04-23 00:52:31 +02:00
Thomas Patzke
d0bd8a2a41 Mandatory configuration for most backends 2019-04-22 23:40:21 +02:00
Thomas Patzke
34c426a95b Moved error codes to constants defined centrally 2019-04-22 23:15:35 +02:00
Thomas Patzke
5194e8778c Fail on missing target selection 2019-04-14 23:50:07 +02:00
Thomas Patzke
5e973a6321 Fixes and CI testing of --backend-config 2019-03-15 23:46:38 +01:00
Thomas Patzke
0864d05aa5 Merge branch 'backend-config-file' of https://github.com/christophetd/sigma into christophetd-backend-config-file 2019-03-15 23:35:11 +01:00
christophetd
3a7160d52b Accept backend options from a configuration file (closes #213) 2019-02-23 13:20:20 +01:00
Thomas Patzke
4e83bfeb16 Fixed merge bugs 2019-01-14 22:54:26 +01:00
Thomas Patzke
a9cf14438c Merge branch 'master' into project-1 2019-01-14 22:36:15 +01:00
Thomas Patzke
42ed8acec9 Improved test coverage
* Adding tests
* Removal of coverage measurement for debugging code
2018-11-04 23:28:40 +01:00
Michael H
bbb67fbba4 Adding support for reading sigma rule from stdin in sigmac 2018-10-07 10:11:47 -05:00
Karneades
fe6f4c7475 Add rule filename to exception output for unsupported aggregation 2018-09-23 19:12:50 +02:00
Thomas Patzke
f3c60a6309 Added tag filtering to sigmac 2018-09-06 00:57:54 +02:00
Thomas Patzke
1d7722c1cb Added configuration and field mapping chains
Missing: field name mapping of log source conditions.
2018-08-27 00:17:27 +02:00
Thomas Patzke
f8246e9f49 Removed "not implemented" hints for available options in sigmac 2018-08-04 23:31:29 +02:00
Thomas Patzke
af9f636199 Removal of backend output classes
Breaking change: Instead of feeding the output class with the results,
they are now returned as strings (*Backend.generate()) or list
(SigmaCollectionParser.generate()). Users of the library must now take
care of the output to the terminal, files or wherever Sigma rules should
be pushed to.
2018-08-02 22:41:32 +02:00
Thomas Patzke
df74460629 Fixed imports after config split 2018-07-27 23:54:18 +02:00
Thomas Patzke
1c4c67053c Fixes for parser split
* Fixed imports
* Rename
2018-07-27 00:02:07 +02:00
Thomas Patzke
c8e21b3f24 Fixing after split
* Fixing imports
* Discovery in new sub modules
2018-07-21 01:09:02 +02:00
Thomas Patzke
7d1b801858 Merge branch 'devel-sigmac-wdatp' 2018-06-22 00:43:23 +02:00
Thomas Patzke
d8e036f737 sigmac: Parameter for ignoring "not supported" errors
Used to pass tests with complete rule set that would fail for backends
whose target systems don't support required features.
2018-06-22 00:23:59 +02:00
Florian Roth
3d52030391 Changed help text for -r flag 2018-06-13 00:08:46 +02:00
Florian Roth
c9658074dd Removed "not yet implemented" comment from -r flag 2018-06-13 00:08:46 +02:00
Thomas Patzke
f6d5e5dd99 Sigmac parameter -I now ignores all backend errors
New backends introduced further exceptions and the intention of -I is to
get a successful run.
2018-06-07 23:33:12 +02:00
nikotin
d13e8d7bd3 Added ArcSight & Qualys backends 2018-06-07 16:18:23 +03:00