UncoderIO / Uncoder_IO

An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.
https://uncoder.io

Initial LogRhythm SIEM JSON Search API #156

Closed jkaufman-LogRhythm closed 5 months ago

jkaufman-LogRhythm commented 5 months ago

This gets a vast majority of SIGMA Rules; there will need to be a code cleanup and fine tune. However, for an initial this is pretty close. You use this JSON body with the LogRhythm SIEM search API; once you search, you will get a hash code value that you use with the search results. The next step is getting the Web Console to have a place to enter this in by default.