yugoslavskiy
commented
3 years ago Hello! Sorry for the late response, had quite busy weeks lately. I believe that our project is already works like that, as it was designed to be used with private analytics. You can change directories in configuration file for all kinds of data, including data, mitigations, response etc. Did you face any issues with that functionality?
marcurdy
I use a custom detection/ subdirectory to allow for the distinction between the cloned sigma and our internal detections. It would be great to have the same ability for all the other directories to include data, mitigation, response, triggers, etc.
What say you?