Convert Snowflake Scheduled Rules into Streaming Rules

panther-labs / panther-analysis

Built-in Panther detection rules and policies

https://panther.com/

Apache License 2.0

339 stars 173 forks source link

Closed ben-githubs closed 1 week ago

ben-githubs commented 1 month ago

Converting Snowflake scheduled rules into streaming (AKA realtime) rules to make use of the new Snowflake log integration

All rules have unit tests build from events gathered from Pre-Alpha test instance

github-actions[bot] commented 1 month ago

:scream: looks like some things could be wrong with the packs

[INFO][root]: ignoring file dependabot.yml

arielkr256 commented 3 weeks ago

@ben-githubs these look great! Needs a pack

arielkr256 commented 2 weeks ago

@ben-githubs looks like Validate caught some duplicate filenames from the original scheduled queries.