SigmaHQ / pySigma-backend-splunk

pySigma Splunk backend
GNU Lesser General Public License v2.1

Use rule fields to generate 'table' search output #13

Closed ericzinnikas closed 1 year ago

ericzinnikas commented 1 year ago

Per #12 I took a look at implementing this. Field names in `fields` were already remapped during pipeline processing, so no extra steps were necessary.
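The behaviour this PR adds, as a stand-alone toy illustration (added here, not pySigma's own code or API): the rule's `fields` list is turned into a trailing `| table` clause, and because the processing pipeline already remapped those names alongside the detection fields, the table clause needs no mapping step of its own. The field mapping, the rule and the `convert` helper are all constructed for the example.

```python
# Added toy converter (not pySigma's own code) for the behaviour of this PR: a
# `| table` clause from the rule's `fields` list after the pipeline's field mapping.

# Constructed field mapping, standing in for a pipeline fieldmapping step.
FIELD_MAPPING = {
    "Image": "process_path",
    "CommandLine": "process_command_line",
    "User": "user",
}

# Constructed Sigma-style rule as a dict (rather than YAML) so it runs offline.
RULE = {
    "detection": {
        "selection": {
            "Image|endswith": "\\powershell.exe",
            "CommandLine|contains": "-enc",
        },
        "condition": "selection",
    },
    "fields": ["Image", "CommandLine", "User"],
}

def apply_pipeline(rule: dict) -> dict:
    """Remap field names in the detection and in `fields` in one pass, so the
    `table` clause needs no separate mapping step later."""
    selection = {}
    for key, value in rule["detection"]["selection"].items():
        field, sep, modifier = key.partition("|")
        selection[FIELD_MAPPING.get(field, field) + sep + modifier] = value
    return {**rule,
            "detection": {**rule["detection"], "selection": selection},
            "fields": [FIELD_MAPPING.get(f, f) for f in rule.get("fields", [])]}

def selection_to_spl(selection: dict) -> str:
    """Render one AND-ed selection as Splunk search terms (toy subset)."""
    wildcards = {"endswith": "*{}", "startswith": "{}*", "contains": "*{}*"}
    terms = []
    for key, value in selection.items():
        field, _, modifier = key.partition("|")
        pattern = wildcards.get(modifier, "{}").format(value)
        terms.append(f'{field}="{pattern}"')
    return " ".join(terms)

def convert(rule: dict) -> str:
    """Pipeline, then search terms, then `| table` from the mapped fields."""
    processed = apply_pipeline(rule)
    query = selection_to_spl(processed["detection"]["selection"])
    if processed["fields"]:
        query += " | table " + ",".join(processed["fields"])
    return query
```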

thomaspatzke commented 1 year ago

Great PR, including a test! 👍