On the left are our converted rule and the right has the original sigma rule. There seems to be a missing comment: Note: In the case of...
@fukusuket Whenever you have time, could you see if you can keep these comments as well?
Also, - 'ping' gets converted to - ping which is still valid YAML so is no problem, but would like to still keep the single quotes intact if it is not difficult to do.
On the left are our converted rule and the right has the original sigma rule. There seems to be a missing comment:
Note: In the case of...@fukusuket Whenever you have time, could you see if you can keep these comments as well?Also,
- 'ping'gets converted to- pingwhich is still valid YAML so is no problem, but would like to still keep the single quotes intact if it is not difficult to do.