Add RSA NetWitness to sigma rule converter [sigconverter.io]

magicsword-io / sigconverter.io

An opensource sigma conversion tool built using pysigma

https://sigconverter.io/

Apache License 2.0

95 stars 21 forks source link

Add RSA NetWitness to sigma rule converter [sigconverter.io] #42

Closed RaffeeJoffer closed 7 months ago

RaffeeJoffer commented 7 months ago

Can you please add RSA NetWitness to the sigma rule converter ? If it's not possible can you give me a way to convert sigma rule to RSA NetWitness rule format ? Thanks

nasbench commented 7 months ago

The backend used and supported by sigconverter are listed in here https://github.com/SigmaHQ/pySigma-plugin-directory/blob/main/pySigma-plugins-v1.json

PySigma backends are contributed by the community and unfortunately there isn't a RSA NetWitness one created.

You could try joining the discord server. And ask for it in the #help section. Maybe someone is willing to help you dev one.