Skip to content

v0.2.0
Compare
Choose a tag to compare
@slincoln-systemtwo slincoln-systemtwo released this 21 Jul 17:34
· 65 commits to master since this release
v0.2.0
dc5e7f0
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

New Backend

Updated Backend Versions

  • Updated the following backends to the latest version
    • pysigma-backend-carbonblack: v0.1.2 -> v0.1.4
    • pysigma-backend-elasticsearch: v1.0.3 -> v1.0.5
    • pysigma-backend-qradar-aql: v0.1.3 -> v0.1.4
    • pysigma-backend-sentinelone: v0.1.1 -> v0.1.2

Bugfixes

  • Fixed incorrect relative path of Splunk ES Correlation Search template
    • Custom output format "stanza" now works as intended, and will generated a savedsearches.conf file for a correlation search based on the output of the Splunk backend and Sigma Rule description/tags.
Assets 2
Loading