bradleyjkemp/sigma-go
A Go implementation and parser for Sigma rules.
MIT License
84 stars, 18 forks
issues
Implement more efficient batch rule evaluator
#45
bradleyjkemp
closed
2 months ago
0
Sigma filters
#44
myoung34
opened
3 months ago
1
fix for issue #42
#43
262nos
closed
7 months ago
0
RuleEvaluator crashes when comparing numeric values
#42
262nos
closed
7 months ago
2
Fixing conditions with multiple underscores and adding a working example for reference
#41
AdrielVelazquez
opened
9 months ago
0
Add information about the type of the search(conjunction/disjunction)…
#40
dithmer
closed
9 months ago
1
Add JSON struct tags
#39
scudette
closed
1 year ago
0
README.md refers to a sigmac tool but this had been removed.
#38
scudette
closed
1 year ago
3
RuleEvaluator matcher.Values doesn't handle "Attribute: null"
#37
veramine
opened
1 year ago
1
Add option to disable case insensitivity
#36
bradleyjkemp
closed
1 year ago
0
Migrate modifiers to an exported interface
#35
bradleyjkemp
closed
1 year ago
0
Expose position information for key rule parts
#34
bradleyjkemp
closed
1 year ago
0
Draft: parse correlation rules
#33
AnthonyAspen
opened
1 year ago
2
Implement numeric comparison modifiers (>, >=, <, <=)
#32
bradleyjkemp
closed
1 year ago
0
[feature] Type-Aware Field Matcher
#31
calebstewart
closed
1 year ago
1
[IDEA] Type-Aware Rule Parsing
#30
calebstewart
closed
1 year ago
2
Add ability to save rules from memory to sigma
#29
calebstewart
closed
1 year ago
2
Parse the Rule's 'related' keyword as slice of maps
#28
veramine
closed
1 year ago
1
Fix bug in unhandled JSONPath error
#27
bradleyjkemp
closed
1 year ago
0
Rules fail to evaluate when there are multiple mappings for the same field
#26
lmoz25
closed
1 year ago
0
Bug demo
#25
lmoz25
closed
1 year ago
1
Make value comparisons case insensitive
#24
bradleyjkemp
closed
1 year ago
0
Condition|endswith is not matching case insensitive
#23
veramine
closed
1 year ago
1
Add `AdditionalFields` to `Logsource`
#22
calebstewart
closed
2 years ago
0
Improved Comparator and Modifier Handling
#21
calebstewart
opened
2 years ago
3
invalid token '*' in certain condition strings
#20
veramine
opened
2 years ago
1
Error parsing "related" with a map of id and type
#19
veramine
closed
1 year ago
0
Support lists of maps in detections
#18
bradleyjkemp
closed
2 years ago
0
Segfault when matching detection with a % symbol
#17
veramine
opened
2 years ago
2
Return the specific matching event values that triggered each condition
#16
bradleyjkemp
opened
2 years ago
0
Add support for the `cidr` modifier
#15
bradleyjkemp
closed
2 years ago
1
Gracefully handle rules containing invalid search conditions
#14
bradleyjkemp
opened
2 years ago
1
Add Nested Field support to Sigma Evaluations
#13
liamn
closed
2 years ago
0
Fix aggregations using <= and >= operators
#12
bradleyjkemp
closed
2 years ago
0
Fix aggregations where the threshold is 0
#11
bradleyjkemp
closed
2 years ago
0
Add preliminary support for placeholder expansion
#10
bradleyjkemp
closed
2 years ago
0
Error parsing detections with list of maps
#9
pathtofile
closed
2 years ago
10
Export a function to obtain actual values from an event field
#8
Rinaldyr
closed
2 years ago
0
Make Rule Level a supported Top Level field
#7
liamn
closed
2 years ago
0
Add InferFileType helper function
#6
bradleyjkemp
closed
3 years ago
0
Update README with the new `Match()` signature
#5
bradleyjkemp
opened
3 years ago
0
Plumb errors through the aggregators and surface to the caller
#4
bradleyjkemp
closed
3 years ago
0
Add fuzzit.dev integration
#3
bradleyjkemp
closed
4 years ago
0
Add support for sigmac to parse Config files and include them in sigma.go
#2
bradleyjkemp
closed
4 years ago
0
Add (out-of-spec) support for JSONPath in fieldmappings
#1
bradleyjkemp
closed
4 years ago
0