AttackIQ/pySigma-backend-kusto
GNU Lesser General Public License v3.0
30 stars, 10 forks
issues
add: mapped GrandParentImage with InitiatingProcessParentFileName
#30
0xFustang
closed
1 week ago
0
AttributeError: 'SigmaNumber' object has no attribute 'convert' when converting rules with multiple numbers
#29
k4otix
opened
2 weeks ago
1
Table missing from output
#28
Sentinel-Siem
closed
3 weeks ago
3
Linux sigma rules to kusto via microsoft xdr
#27
KyootyBella
closed
3 weeks ago
3
PR from Dev to Main
#26
slincoln-aiq
closed
1 month ago
0
ModuleNotFoundError: No module named 'sigma.pipelines.sentinelasim.microsoft365defender
#25
aaronblancoCCRD
closed
2 months ago
1
Kusto rename
#24
slincoln-aiq
closed
2 months ago
0
Fix minor issues
#23
mostafa
closed
3 months ago
0
Added a somewhat hacky pipeline from a colleague that does ASIM translation for Sentinel also
#22
adonm
closed
3 months ago
1
Remove newline character after table name
#20
xg5-simon
closed
7 months ago
1
Update microsoft365defender.py
#19
adonm
closed
6 months ago
1
Added parens around expressions with wildcards when converted to cont…
#18
slincoln-aiq
closed
9 months ago
0
Dev
#17
slincoln-aiq
closed
9 months ago
0
Fix for #13 - unescaping asterisk (wildcards) in strings
#16
slincoln-aiq
closed
9 months ago
0
Fix/fix incoherent rule operators
#15
slincoln-aiq
closed
9 months ago
0
[BUG] Incoherent conversion error for some Sigma rules
#14
SecurityAura
closed
9 months ago
0
[BUG] Single and double \\ not being escaped properly in some scenarios
#13
SecurityAura
closed
9 months ago
2
Added better parsing and error handling for Hashes field, fixes #11
#12
slincoln-aiq
closed
9 months ago
0
[bug] Detection empty when using hash
#11
0xFustang
closed
9 months ago
1
pysigma version upkeep
#10
marcurdy
closed
1 year ago
5
Logic grouping
#8
rfackroyd
closed
1 year ago
1
Error with negation
#7
rfackroyd
closed
1 year ago
3
Dev
#6
slincoln-aiq
closed
1 year ago
0
Changed poetry installation steps
#5
slincoln-aiq
closed
1 year ago
0
Generic Field Mapping and Python3.11 Fixes
#4
slincoln-aiq
closed
1 year ago
0
Backend breaks sigma-cli
#3
seanthegeek
closed
1 year ago
1
feat: add CommandLine to more data tables
#2
rfackroyd
closed
1 year ago
5
Endswith being produced when using escape chac
#1
rfackroyd
closed
1 year ago
2