Closed sn0w0tter closed 3 years ago
Currently we are ignoring sigma backend configs with --shoot-yourself-in-the-foot command switch. ATC should allow user to use config which matches his fields mapping in SIEM.
--shoot-yourself-in-the-foot
https://github.com/Neo23x0/sigma/tree/master/tools/config
Currently we are ignoring sigma backend configs with
--shoot-yourself-in-the-footcommand switch. ATC should allow user to use config which matches his fields mapping in SIEM.https://github.com/Neo23x0/sigma/tree/master/tools/config