valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
2,793 Commits 20 Branches 25 Tags 21 MiB
fa4c76871f
Commit Graph

73 Commits

Author SHA1 Message Date
Thomas Patzke
fa4c76871f Added CI test for sql backend 2020-02-21 22:27:55 +01:00
Thomas Patzke
638d461b16 Added ala-rule backend to CI testing 2020-01-13 13:47:11 +01:00
Thomas Patzke
530ac854df Added sigma2attack to CI testing 2019-12-20 22:53:22 +01:00
Thomas Patzke
b701e9be50 Added ECS proxy configuration 2019-12-09 16:34:07 +01:00
Johan Berggren
d8e1f56219
Add source distribution for PyPi when building 
Add sdist when building. This makes it easier to build packages from PyPi for example Debian PPA pkgs etc.
This will not affect anything else, just make the source distribution available in PyPi as a tar.gz archive.

If this gets merged, please bump the version and push to PyPi as well.
 2019-12-06 15:45:28 +01:00
Thomas Patzke
8d8530be2a Added UUID check to CI tests 2019-11-12 23:15:30 +01:00
Maxime Lamothe-Brassard
91e48d8c1b Adding setup links and fixing test that would crash Not node, but not seen in prod rules. 2019-10-27 11:56:32 -05:00
Thomas Patzke
d5885686fc Sigmatools release 0.12 
* Value modifiers
* Config name cleanup
 2019-08-01 23:45:07 +02:00
Thomas Patzke
805c739611 Merge branch 'devel-modifiers' 2019-07-31 23:44:10 +02:00
Thomas Patzke
0ca15e5c5e Added test case for value modifiers 2019-07-16 23:14:55 +02:00
Thomas Patzke
b9ff280209 Cleanup of configuration names 2019-07-14 00:50:15 +02:00
Thomas Patzke
6fab5d7f23 Improved testing and removed dead&debug code 2019-06-29 00:09:53 +02:00
Thomas Patzke
0c7151c901 Watcher backend default options, refactoring and testing 2019-06-28 23:22:16 +02:00
Thomas Patzke
67707b6c82 Added test for new elastalert-dsl backend 2019-05-30 22:38:12 +02:00
Thomas Patzke
11ed7e7ef8 Check for valid configuration/backend combinations 2019-05-20 01:00:33 +02:00
Thomas Patzke
e271484eef Load configurations via new config management 2019-05-20 00:27:35 +02:00
Thomas Patzke
6918784e87 Configuration order checking 2019-04-23 00:54:10 +02:00
Thomas Patzke
d0bd8a2a41 Mandatory configuration for most backends 2019-04-22 23:40:21 +02:00
Thomas Patzke
5e973a6321 Fixes and CI testing of --backend-config 2019-03-15 23:46:38 +01:00
Thomas Patzke
3f7e08733a Added backend option 'sysmon' for ala backend 2019-03-15 23:26:15 +01:00
Thomas Patzke
8d1723e65c Merge branch 'master' of https://github.com/tuckner/sigma into tuckner-master 2019-03-15 23:06:08 +01:00
Thomas Patzke
6d97c6d0bb Extended elastalert CI testing 2019-03-08 00:04:43 +01:00
John Tuckner
1182ee2de2 added ala to makefile 2019-03-07 10:43:22 -06:00
Thomas Patzke
c922f7d73f Merge branch 'master' into project-1 2019-02-26 00:24:46 +01:00
Thomas Patzke
3c7f46a6cd Added rule test to CI testing 2019-01-23 23:31:36 +01:00
Thomas Patzke
a9cf14438c Merge branch 'master' into project-1 2019-01-14 22:36:15 +01:00
Thomas Patzke
b520897176 Added CI testing for SumoLogic backend 2018-12-10 22:36:08 +01:00
Thomas Patzke
1118b80288 Added elastalert backend to CI testing 2018-11-29 00:00:00 +01:00
Thomas Patzke
6b8ddd6ac0 Added CI test for NetWitness backend 2018-11-07 22:36:34 +01:00
Thomas Patzke
42ed8acec9 Improved test coverage 
* Adding tests
* Removal of coverage measurement for debugging code
 2018-11-04 23:28:40 +01:00
Thomas Patzke
0fd8b986fd Added CI tests 2018-10-18 16:14:16 +02:00
Thomas Patzke
5609728a8a included XPack Watcher JSON output in CI tests 2018-10-18 14:56:21 +02:00
Thomas Patzke
44ff9d154e Increased test coverage for mapping corner cases 2018-10-16 14:53:12 +02:00
Thomas Patzke
a61b3d352a Added test cases 
* Generic log sources
* Splunk index queries
 2018-10-15 15:24:18 +02:00
Daniel Roethlisberger
85ad10d558 Use mktemp if tempfile is not available, fixes make for macOS 2018-10-02 22:17:03 +02:00
Florian Roth
14337a2aac Tests: PowerShell backend tests 2018-09-24 13:23:38 +02:00
Thomas Patzke
13e41f29d6 Added CI test for tag filtering 2018-09-06 01:05:31 +02:00
Thomas Patzke
91e6b8ca6b Merging refactoring changes into master 2018-07-22 09:23:07 +02:00
Thomas Patzke
c8e21b3f24 Fixing after split 
* Fixing imports
* Discovery in new sub modules
 2018-07-21 01:09:02 +02:00
Thomas Patzke
52e4910ab6 Added QRadar backend to CI testing 2018-07-17 22:56:31 +02:00
Thomas Patzke
0bacba05aa Added backend 'splunkxml' to CI tests 2018-07-02 23:20:02 +02:00
Thomas Patzke
7d1b801858 Merge branch 'devel-sigmac-wdatp' 2018-06-22 00:43:23 +02:00
Thomas Patzke
d8e036f737 sigmac: Parameter for ignoring "not supported" errors 
Used to pass tests with complete rule set that would fail for backends
which target systems don't support required features.
 2018-06-22 00:23:59 +02:00
Thomas Patzke
31727b3b25 Added Windows Defender ATP backend 
Missing:
* Aggregations
 2018-06-22 00:03:10 +02:00
Thomas Patzke
dbc25b6bfa Integrated Qualys backend to CI testing 2018-06-07 23:33:47 +02:00
Thomas Patzke
f6d5e5dd99 Sigmac parameter -I now ignores all backend errors 
New backends introduced further exceptions and the intention of -I is to
get a successful run.
 2018-06-07 23:33:12 +02:00
Thomas Patzke
ce9db548ff Integration of ArcSight backend 
* Rename
* Changed description to one line to beautify output of backend list
* Small bugfix in handling of numeric values
 2018-06-07 23:04:36 +02:00
Thomas Patzke
21040f04cc Added CI test for Graylog backend 2018-05-18 15:53:25 +02:00
Thomas Patzke
de2ed08695 Merge branch 'ci-es' 2018-05-01 00:34:11 +02:00
Thomas Patzke
aeda30a389 Python rewrite of es-qs query test 2018-04-11 23:59:44 +02:00