valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
37ee355a77
SigmaHQ/tools
History
milkmix 37ee355a77 patched es-dsl
2018-05-17 08:44:50 +02:00
..
config Added field name mappings to HELK configuration 2018-03-27 14:41:02 +02:00
sigma patched es-dsl 2018-05-17 08:44:50 +02:00
merge_sigma Finalizing PyPI release 2017-12-08 23:50:08 +01:00
README.md Added PyPI README 2017-12-09 22:13:25 +01:00
requirements-devel.txt Python rewrite of es-qs query test 2018-04-11 23:59:44 +02:00
requirements.txt Intermediate refactoring commit: moving code into package 2017-12-08 21:45:05 +01:00
setup.cfg Intermediate refactoring commit: moving code into package 2017-12-08 21:45:05 +01:00
setup.py Sigma tools release 0.4 2018-05-01 00:50:07 +02:00
sigmac sigmac: improved backend options 2018-03-21 00:53:44 +01:00

README.md

This package contains libraries for processing of Sigma rules and the following command line tools:

  • sigmac: converter between Sigma rules and SIEM queries:
    • Elasticsearch query strings
    • Kibana JSON with searches
    • Splunk SPL queries
    • Elasticsearch X-Pack Watcher
    • Logpoint queries
  • merge_sigma: Merge Sigma collections into simple Sigma rules.