valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 17:35:19 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
6fbfa9dfdd
SigmaHQ/tools
History
Thomas Patzke 8d9b706d6a
Merge pull request #727 from 3CORESec/master 
Override Features
2020-05-20 19:11:56 +02:00
..
config Merge pull request #727 from 3CORESec/master 2020-05-20 19:11:56 +02:00
sigma Merge remote-tracking branch 'upstream/master' 2020-05-14 14:02:20 +01:00
tests add .keyword on aggs; add extra unit test 2019-11-14 14:34:50 +01:00
merge_sigma Fixes for parser split 2018-07-27 00:02:07 +02:00
README.md Sigma tools release 0.11 2019-05-30 22:56:38 +02:00
requirements-devel.txt Dependency cleanup 2020-03-29 22:55:09 +02:00
requirements.txt fix: security vulnerability with pyyaml < 4.2b1 2020-04-02 12:27:53 +02:00
setup.cfg Intermediate refactoring commit: moving code into package 2017-12-08 21:45:05 +01:00
setup.py Release 0.16.0 2020-02-25 22:19:52 +01:00
sigma2attack Add sigma2attack 2019-12-19 00:00:13 +01:00
sigma2genericsigma Added sigma-uuid tool 2019-11-11 23:35:16 +01:00
sigma2misp Update sigma2misp 2020-02-20 18:55:10 +09:00
sigma-similarity sigma-similarity: primary rule set for restriction of comparison 2019-11-08 21:15:13 +01:00
sigma-uuid Added hint on failed UUID check 2019-11-12 23:37:28 +01:00
sigmac Reverted list sorting 2020-04-08 23:23:44 +02:00

README.md

This package contains libraries for processing of Sigma rules and the following command line tools:

  • sigmac: converter between Sigma rules and SIEM queries:
    • Elasticsearch query strings
    • Kibana JSON with searches
    • Splunk SPL queries
    • Elasticsearch X-Pack Watcher
    • Logpoint queries
  • merge_sigma: Merge Sigma collections into simple Sigma rules.
  • sigma2misp: Import Sigma rules to MISP events.