FR: Yara rules management #28

Closed
22 tasks done
garanews opened this issue Jul 22, 2020 · 3 comments

garanews commented Jul 22, 2020

TODO LIST:

  • models
  • create custom ruleset per user at creation
  • admin to manage ruleset/rule
  • download and parse rulesets list from awesome
  • clone or pull repo of rulesets
  • user page to upload/delete custom rule to his ruleset
  • user page to create custom rules from available rulesets
  • delete, publish custom rules
  • download custom rules
  • add a command to create a default with all rules from admin
  • make yarascan plugin use default rule if no other files are selected
  • add a default rule in website.rule that is run by default if automatic
  • test compile rule in parallel or in a separate task
  • compile only new rule when pulling repos
  • show more than 100 entries per page (like 1k, 10k)
  • add help for elastic syntax
  • add elastic syntax to search
  • edit user rules
  • copy server rules under user rules
  • search text inside rules
  • view selected rule (including system rules)
  • create documentation
@garanews garanews added the enhancement New feature or request label Aug 20, 2020
@dadokkio dadokkio added the in progress In progress label Feb 18, 2021
@garanews garanews added this to To do in Release 1.3.0 via automation Mar 11, 2021
@garanews

I am not able to build the file when 1k rules are selected.
I was trying to select all icewater rules: I have to select 100 (only) per page, so there are like 130 pages on which to do select all and go next.
I stopped at page 10 and tried to build: nothing happened.
Tried with 500 and it works.
The goal is to be able to select all icewater rules and build; added 2 additional items to the todo list :)

garanews commented Jun 11, 2021

Latest commit (61083e8) solves previous issues.
Now added some more requests, like search inside rules / view rules / edit rules ;)

@garanews garanews moved this from To do to In progress in Release 1.3.0 Jun 12, 2021
@garanews

Evaluate use of plyara saving output in ES

@garanews garanews closed this as completed Nov 2, 2021
Release 1.3.0 automation moved this from In progress to Done Nov 2, 2021
@dadokkio dadokkio removed the in progress In progress label Mar 26, 2024