-
Migrate the Sigma rules into the Database to be able to improve various aspects
Background:
At the moment, Sigma rules are stored and pulled into Timesketch from disk with os.walk every time an …
-
Have some rules duplicated. Example:
```
https://github.com/SigmaHQ/sigma/tree/master/rules/windows/process_creation/proc_creation_win_susp_comsvcs_procdump.yml
…
```
-
Hello,
I am trying to convert some sigma rules into Splunk queries. I use pySigma like this:
`sigma convert -t splunk -p splunk_windows rule_path`
The resulting queries keep the "Image" field…
-
Some recently added rules to the sigma repository are behaving differently depending on whether they were converted with sigma-cli/pySigma or uncoder.io/sigmac. An example is [Juniper BGP Missing MD5]…
-
The `sigmac` has been removed from the Sigma repository due to the PR below :(
- https://github.com/SigmaHQ/sigma/pull/4157
It seems that the `sigmac` tool has been moved to the following reposit…
-
The specification describes the pipe operator (`search_expression | aggregation_expression`) as deprecated. However, there is no alternative to it, and it is still used in lots of sigma rules. Depreca…
-
When importing quadpy (updated version quadpy-0.16.27), I got the following error message:
"""
Warning: Unable to find valid license in
- environment variable PLM_LICENSE_KEY_SIGMA (env var not…
-
Stuff that people would like to see on the Sigma overview page:
- [ ] aggregation which rules matched how often
- [ ] Sort table of rules after matches
- [ ] create a view to filter after OS / pr…
-
Hello!
When trying to convert a sigma rule into savedsearches format I get an error from the splunk backend (`backends/splunk/splunk.py`).
Conversion goes smoothly without the `-f savedsearches` flag o…
-
Using Agda 2.6.4-35a4fbf48b508e1b5a2eddd7dcc5f330d42ab510:
```
$ mkdir fresh && cd fresh > /dev/null
$ (git clone https://github.com/agda/agda-stdlib.git && cd agda-stdlib && git checkout v1.7.2) >…
```