Failure to convert error #12
Comments
|
Devin, I had a similar issue with that error and in my case the sigmatools were not installed for Python: pip3 install sigmatools |
|
I am having the same issue and I did install sigmatools but it still show error |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Greetings,
I am having the same issue a another user back in July was having. Following all the instructions and installing the required packages I run the command against the included rules and the just tells me :
./sigma2splunkalert rules/lnx_shell_clear_cmd_history.yml
Failure converting the Sigma File: rules/lnx_shell_clear_cmd_history.yml
I even did it again using hte -c and -sc and N arguments and then I get code execution issues.
./sigma2splunkalert -sc splunk rules/lnx_shell_clear_cmd_history.yml N -c CONFIG
Traceback (most recent call last):
File "./sigma2splunkalert", line 142, in
main(sys.argv)
File "./sigma2splunkalert", line 55, in main
sigma2splunkalertconfig = openSigma2SplunkConfiguration(converter_config_path)
File "./sigma2splunkalert", line 107, in openSigma2SplunkConfiguration
with open(converter_config_path, 'r') as stream:
FileNotFoundError: [Errno 2] No such file or directory: 'CONFIG'
It would be greatly appreciated to get some assistance with this. We'd really love to use this to convery an absurd amount of rules into a savedsearch.conf.
Thanks,
Devin.
The text was updated successfully, but these errors were encountered: