dgutson
commented
1 year ago @markuskont for example what about the CLI?
Open markuskont opened 2 years ago
dgutson
commented
1 year ago @markuskont for example what about the CLI?
pritster5
commented
10 months ago Is it possible to get a section in the readme that details what kinds of things are supported by the detection/selection/condition fields? I.e. how much of the SIGMA specification is supported?
I noticed that some rules use |contains or |endswith in their selection fields. Are there other processors that are supported? What isn't allowed?
Main readme needs to be updated. It's still the original one I wrote when we published a paper. But the project has seen some development since then. So it has outdated info and does not reflect the direction of the project any more.