SigmaHQ/tools
2019-11-03 23:32:50 +01:00
..
config Small refactors to make more readable and remove deprecated code paths to increase coverage. 2019-10-28 10:49:05 -05:00
sigma Default configurations for backends 2019-11-03 23:32:50 +01:00
tests Sigmatools release 0.12 2019-08-01 23:45:07 +02:00
merge_sigma Fixes for parser split 2018-07-27 00:02:07 +02:00
README.md Sigma tools release 0.11 2019-05-30 22:56:38 +02:00
requirements-devel.txt Added requirements 2018-10-22 22:43:59 +02:00
requirements-misp.txt Added requirements 2018-10-22 22:43:59 +02:00
requirements.txt Intermediate refactoring commit: moving code into package 2017-12-08 21:45:05 +01:00
setup.cfg Intermediate refactoring commit: moving code into package 2017-12-08 21:45:05 +01:00
setup.py Adding setup links and fixing test that would crash Not node, but not seen in prod rules. 2019-10-27 11:56:32 -05:00
sigma2genericsigma Increased indentation to 4 2019-03-02 00:14:20 +01:00
sigma2misp Dropped .py suffix 2018-10-22 23:02:05 +02:00
sigma-similarity Added sigma-similarity tool 2019-10-25 21:59:03 +02:00
sigmac Default configurations for backends 2019-11-03 23:32:50 +01:00

This package contains libraries for processing of Sigma rules and the following command line tools:

  • sigmac: converter between Sigma rules and SIEM queries:
    • Elasticsearch query strings
    • Kibana JSON with searches
    • Splunk SPL queries
    • Elasticsearch X-Pack Watcher
    • Logpoint queries
  • merge_sigma: Merge Sigma collections into simple Sigma rules.
  • sigma2misp: Import Sigma rules to MISP events.