WithSecureLabs / chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts
GNU General Public License v3.0

Add Sigma Rule Id and description to results #68

Closed jvmendezp closed 2 years ago

jvmendezp commented 2 years ago

Hello, thanks a lot for this amazing product.

Currently, the Chainsaw result includes the name of the matched Sigma rule. Could you include the Sigma rule ID and description too?

The Sigma rule ID is not a mandatory field according to https://github.com/SigmaHQ/sigma/wiki/Specification, but it would be nice to have more information about the match from the Sigma rule specification.

Thanks!

jvmendezp commented 2 years ago

Maybe we could configure which Sigma rule fields should be included in the output using the sigma-mapping.yml file.
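
As an added illustration of the enrichment being requested (this is example code, not Chainsaw's own code or its sigma-mapping.yml logic), the script below reads the top-level `title`, `id` and `description` fields from Sigma rule files, indexes them by rule title, and attaches `id` and `description` to match records that carry only the rule name. The two rules and the match records are constructed for the example; the shape of the match records (a dict with a `name` key) is an assumption, not Chainsaw's actual output schema. The field reader deliberately handles only unindented scalars and `|`/`>` block scalars, which is enough for `id`, `title` and `description`; a real tool would use a YAML parser.

```python
import re
from typing import Dict, List

# Two constructed Sigma rules for the example (not real SigmaHQ rules).
RULE_A = """\
title: Suspicious Encoded PowerShell Command
id: 11111111-2222-3333-4444-555555555555
status: test
description: Detects powershell.exe started with an encoded command argument.
logsource:
    product: windows
    category: process_creation
detection:
    selection:
        Image|endswith: '\\powershell.exe'
        CommandLine|contains: '-enc'
    condition: selection
level: medium
"""

RULE_B = """\
title: Service Installed With Unusual Path
id: aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
description: |
    Detects a service creation (Event ID 7045) whose binary lives
    outside the usual program directories.
logsource:
    product: windows
    service: system
detection:
    selection:
        EventID: 7045
    condition: selection
level: high
"""

# Constructed match records; the {"name": ...} shape is an assumption for this example.
SAMPLE_MATCHES = [
    {"name": "Suspicious Encoded PowerShell Command", "event_id": 4688},
    {"name": "Rule That Is Not In The Index", "event_id": 7045},
]

# Matches an unindented "key: value" line; indented (nested) lines never match.
SCALAR_RE = re.compile(r"^([A-Za-z_][\w-]*):\s*(.*)$")


def top_level_scalars(rule_text: str) -> Dict[str, str]:
    """Return the top-level scalar fields of a Sigma rule.

    Only unindented `key: value` lines and `|` / `>` block scalars are read;
    nested mappings such as logsource and detection are skipped. This is a
    small reader for id/title/description, not a general YAML parser.
    """
    fields: Dict[str, str] = {}
    lines = rule_text.splitlines()
    i = 0
    while i < len(lines):
        m = SCALAR_RE.match(lines[i])
        if not m:
            i += 1
            continue
        key, value = m.group(1), m.group(2).strip()
        if value in ("|", ">"):
            # Block scalar: collect the indented continuation lines.
            block: List[str] = []
            i += 1
            while i < len(lines) and (lines[i].startswith(" ") or lines[i] == ""):
                block.append(lines[i].strip())
                i += 1
            sep = "\n" if value == "|" else " "
            fields[key] = sep.join(block).strip()
            continue
        if value:
            fields[key] = value.strip("'\"")
        i += 1
    return fields


def build_index(rule_texts: List[str]) -> Dict[str, Dict[str, str]]:
    """Index rule id and description by rule title, the key a match exposes."""
    index: Dict[str, Dict[str, str]] = {}
    for text in rule_texts:
        fields = top_level_scalars(text)
        if "title" in fields:
            index[fields["title"]] = {
                "id": fields.get("id", ""),
                "description": fields.get("description", ""),
            }
    return index


def enrich(matches: List[dict], index: Dict[str, Dict[str, str]]) -> List[dict]:
    """Copy each match and add sigma_id / sigma_description from the index.

    A match whose name is not in the index keeps None for both fields, so the
    caller can tell 'no metadata available' from an empty description.
    """
    enriched = []
    for match in matches:
        meta = index.get(match.get("name", ""))
        out = dict(match)
        out["sigma_id"] = meta["id"] if meta else None
        out["sigma_description"] = meta["description"] if meta else None
        enriched.append(out)
    return enriched


if __name__ == "__main__":
    for record in enrich(SAMPLE_MATCHES, build_index([RULE_A, RULE_B])):
        print(record)
```

Keying the index on the title mirrors what the thread describes (the output carries the rule name, nothing else); once the rule `id` is in the output, an index keyed on `id` would be the more robust choice, since titles are free text and can collide across rule sets.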

alexkornitzer commented 2 years ago

This is addressed in v2.0.0-alpha.0.