SigmaHQ/pySigma-backend-elasticsearch
pySigma Elasticsearch backend
GNU Lesser General Public License v3.0
42 stars, 24 forks
issues
#78 ESQL: Field existence check has opposite logic (rtkmaryang, opened 4 days ago, 0 comments)
#77 Fix: ES|QL index and metadata states (m4dh4t, opened 2 weeks ago, 0 comments)
#76 ESQL / Correlations: AttributeError when using siem_rule/kibana_ndjson formats (13621, opened 3 weeks ago, 2 comments)
#75 Elastalert backend (m4dh4t, opened 3 weeks ago, 0 comments)
#74 Installation of 'elasticsearch' backend plugin not working for sigma cli (v1p3r0u5, closed 3 weeks ago, 2 comments)
#73 [ES|QL] Non-aggregating query (0xFustang, opened 1 month ago, 0 comments)
#72 ES|QL Index list handling (WildDogOne, opened 1 month ago, 0 comments)
#71 Regex Escaping for EQL (WildDogOne, opened 1 month ago, 0 comments)
#70 Elastic Security Informational Severity (WildDogOne, opened 1 month ago, 0 comments)
#69 Enabling Index selection for SIEM NDJSON Policies (WildDogOne, closed 1 month ago, 0 comments)
#68 Completes integration of kubernetes pipeline (LAripping, closed 1 month ago, 1 comment)
#67 Feat: Add Elastic Security rules and Kibana saved object support for ES|QL (m4dh4t, closed 1 month ago, 3 comments)
#66 ES version (adilraad2001, opened 2 months ago, 0 comments)
#65 [Correlations] ES|QL should perform a unique reduction on indexes (sinnwise, closed 1 month ago, 0 comments)
#64 Fix: Feature not supported on fieldref modifier (andurin, closed 3 months ago, 0 comments)
#63 Update mapping for Imphash (dfiredit1337, closed 3 months ago, 0 comments)
#62 Processing pipeline must be merged with another one. (Koirin3224, opened 4 months ago, 1 comment)
#61 Fix language and type typo for EQL (webhead404, closed 4 months ago, 3 comments)
#60 Add escape too all ':' in cidr for ipv6 (gregorywychowaniec-zt, closed 4 months ago, 0 comments)
#59 Convert esql correlation rule fail no attribute get_conversion_states (frack113, closed 4 months ago, 4 comments)
#58 Fix invalid escape sequence (cospirho, closed 5 months ago, 0 comments)
#57 Wrong network direction values (cospirho, opened 5 months ago, 0 comments)
#56 ES|QL backend with correlation support (thomaspatzke, closed 5 months ago, 0 comments)
#55 Chore update (frack113, closed 5 months ago, 0 comments)
#54 Escape CIDR IPV6 (frack113, closed 6 months ago, 0 comments)
#53 Escape Cidr IPV6 (frack113, closed 6 months ago, 2 comments)
#52 ecs_windows mappig skipped (tr0mb1r, closed 6 months ago, 1 comment)
#51 Update Kubernetes Logsource (nasbench, closed 6 months ago, 0 comments)
#50 Single quote escaping problem in query_string (foxalfabravo, opened 7 months ago, 2 comments)
#49 DSL query support (balintnadasi, opened 7 months ago, 4 comments)
#48 IPv6 address causes error in CIDR notation (nzedler, closed 3 months ago, 2 comments)
#47 Add user.name mapping (defensivedepth, closed 7 months ago, 1 comment)
#45 Duplicate query when using multiple pipelines (defensivedepth, opened 8 months ago, 0 comments)
#44 build: 📦 Update dependencies to pySigma 0.11 (frack113, closed 8 months ago, 1 comment)
#43 Fixed issues with query strings containing spaces and/or wildcards for Lucene Backend (Koen1999, closed 8 months ago, 3 comments)
#42 Kubernetes pipeline (audit logs) (LAripping, closed 8 months ago, 1 comment)
#41 Invalid EQL rule type and language (FilipPwn, closed 4 months ago, 0 comments)
#40 feat: add parsing of Mitre Att&ck tags into threat obj (rkokkelk, closed 8 months ago, 0 comments)
#39 Updates for EQL support (defensivedepth, closed 9 months ago, 0 comments)
#38 Update poetry (frack113, closed 9 months ago, 0 comments)
#37 fix: add `elasticsearch` to the allowed backends in the pipeline config (nasbench, closed 10 months ago, 0 comments)
#36 Lucene Rule Generation Quotation Mark Issue (LucaKuechler, closed 2 months ago, 3 comments)
#35 How to close subfields when convert a sigma rule to dsl? (leexuan, opened 11 months ago, 0 comments)
#34 Solves sigma-cli/issues/29 (deibit, closed 11 months ago, 2 comments)
#33 Transform current output formats to postprocessing (andurin, opened 11 months ago, 2 comments)
#32 Eql backend (thomaspatzke, closed 11 months ago, 1 comment)
#31 ecs_windows can not be use with lucene (frack113, closed 1 year ago, 1 comment)
#30 Custom Attributes Problem (Yuvijadeja, opened 1 year ago, 0 comments)
#29 Converting sigma rule to elasticsearch, double quotation marks are inserted twice. (KSHMK, closed 2 months ago, 1 comment)
#28 Wildcard format issue (eliranDream, closed 2 months ago, 4 comments)