Since the project reorganization was merged, we can now introduce tests// folder with sigma rules and testing logs, rather than having to entirely rely on embedded test cases already present. Previously I did not want to introduce this folder due to project layout, as actual sigma lib was under pkg.
Note that this would not replace existing test cases, but simply allow us to read larger test cases from external files and more easily test ruleset as a whole.
This issue serves also as a call for users to submit testing data and sample rules to improve sigma engine reliability.
Since the project reorganization was merged, we can now introduce
tests//folder with sigma rules and testing logs, rather than having to entirely rely on embedded test cases already present. Previously I did not want to introduce this folder due to project layout, as actual sigma lib was underpkg.Note that this would not replace existing test cases, but simply allow us to read larger test cases from external files and more easily test ruleset as a whole.
This issue serves also as a call for users to submit testing data and sample rules to improve sigma engine reliability.