SigmaHQ / pySigma-backend-elasticsearch

pySigma Elasticsearch backend
GNU Lesser General Public License v3.0

Fix language and type typo for EQL #61

Closed webhead404 closed 4 months ago

webhead404 commented 4 months ago

Fixes #41. The pipeline accounts for EQL as a query language but doesn't import into the SIEM correctly. Changed `language` from `lucene` to `eql` and the rule `type` from `query` to `eql`.
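The language/type pairing this PR corrects, as an added Python example that is not code from the PR or from the pySigma Elasticsearch backend: it builds minimal Kibana detection-rule objects, serialises them as NDJSON for import, and lints an export for the mismatch reported in #41 (EQL query text labelled `language: lucene` / `type: query`). The sample queries and rule values are constructed here, and the `looks_like_eql` heuristic is this example's own, not a check Kibana performs.

```python
"""Added example: build and lint Kibana detection-rule NDJSON so that EQL rules
carry language "eql" and type "eql".  Not code from the pySigma backend or this PR."""
import json
import re

# Kibana pairs each query language with a rule type: kuery and lucene queries
# are "query" rules, EQL queries are "eql" rules.  The field names below follow
# the Kibana detection-rule schema; the rule contents are constructed for this
# example and are not output of the pySigma backend.
LANGUAGE_TO_TYPE = {"kuery": "query", "lucene": "query", "eql": "eql"}

# EQL queries start with "<category> where ..." or "sequence ...".  This shape
# check is an assumption of this example, not a Kibana validation rule.
EQL_SHAPE = re.compile(r"^\s*(?:sequence\b|\w+\s+where\b)", re.IGNORECASE)


def looks_like_eql(query):
    """Heuristic: does the query text have EQL rather than KQL/Lucene shape?"""
    return EQL_SHAPE.match(query) is not None


def siem_rule(name, query, language, index=("logs-*",), severity="medium", risk_score=50):
    """Build a minimal Kibana detection rule dict, deriving `type` from `language`."""
    if language not in LANGUAGE_TO_TYPE:
        raise ValueError(f"unsupported query language: {language!r}")
    return {
        "name": name,
        "description": f"Converted Sigma rule: {name}",
        "query": query,
        "language": language,
        "type": LANGUAGE_TO_TYPE[language],
        "index": list(index),
        "severity": severity,
        "risk_score": risk_score,
        "enabled": True,
    }


def rule_problems(rule):
    """List the inconsistencies that would make Kibana's rule import fail or misbehave."""
    problems = []
    language = rule.get("language")
    rule_type = rule.get("type")
    query = rule.get("query", "")
    if language not in LANGUAGE_TO_TYPE:
        problems.append(f"unknown language {language!r}")
    else:
        expected = LANGUAGE_TO_TYPE[language]
        if rule_type != expected:
            problems.append(f"language {language!r} requires type {expected!r}, got {rule_type!r}")
        # The mismatch this PR fixes: EQL query text exported with lucene/query labels.
        if looks_like_eql(query) and language != "eql":
            problems.append(f"query looks like EQL but language is {language!r}")
        if language == "eql" and not looks_like_eql(query):
            problems.append("language is 'eql' but query does not look like EQL")
    for field in ("name", "query", "severity", "risk_score"):
        if field not in rule:
            problems.append(f"missing field {field!r}")
    return problems


def to_ndjson(rules):
    """Serialise rules one JSON object per line, as Kibana's rule import expects."""
    return "".join(json.dumps(rule, sort_keys=True) + "\n" for rule in rules)


def lint_ndjson(text):
    """Map each non-empty NDJSON line number to its problems (empty list means OK)."""
    report = {}
    for lineno, line in enumerate(text.splitlines(), start=1):
        if not line.strip():
            continue
        try:
            rule = json.loads(line)
        except json.JSONDecodeError as exc:
            report[lineno] = [f"invalid JSON: {exc.msg}"]
            continue
        report[lineno] = rule_problems(rule)
    return report


# Constructed sample queries (not Sigma conversions from the backend).
EQL_QUERY = 'process where process.name == "whoami.exe"'
LUCENE_QUERY = 'process.name:"whoami.exe"'

# Shape of the export before the fix: EQL text labelled lucene/query.
BROKEN_RULE = {**siem_rule("whoami via EQL", EQL_QUERY, "eql"), "language": "lucene", "type": "query"}
# After the fix: language and type are both "eql".
FIXED_RULE = siem_rule("whoami via EQL", EQL_QUERY, "eql")
LUCENE_RULE = siem_rule("whoami via Lucene", LUCENE_QUERY, "lucene")

if __name__ == "__main__":
    export = to_ndjson([BROKEN_RULE, FIXED_RULE, LUCENE_RULE])
    for lineno, problems in lint_ndjson(export).items():
        print(lineno, "OK" if not problems else "; ".join(problems))
```

Running the module prints one line per exported rule; only the first (the pre-fix shape) is flagged, because its `language`/`type` pair is internally consistent for Lucene and the mislabelling is only visible once the query text itself is inspected.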

thomaspatzke commented 4 months ago

Thanks! Please also adapt the now failing test.

webhead404 commented 4 months ago

Updated the test file and ran the tests successfully!

thomaspatzke commented 4 months ago

Great, thanks!