Sigma Release 0.14

Neo23x0 released this 29 Nov 15:22

Added

  • sigma-similarity tool
  • LimaCharlie backend
  • Default configurations for some backends that are used if no configuration is passed
  • Regular expression support for es-dsl backend (propagates to backends derived from this like elastalert-dsl)
  • Value modifiers:
    • startswith
    • endswith
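The two new value modifiers use Sigma's `field|modifier` key syntax. The following is an added illustration of how a rule's selection map is evaluated with them against flat events; it is not sigmac's implementation, and the selection and events are constructed for the example.

```python
# Minimal evaluator for Sigma's field|modifier syntax, covering the two
# value modifiers this release adds (startswith, endswith) plus plain
# equality. Illustrative code, not sigmac's own implementation.

# Modifier name -> predicate(event_value, rule_value). Both sides are
# lower-cased first, since Sigma string matching is case-insensitive.
MODIFIERS = {
    None: lambda ev, rv: ev == rv,
    "startswith": lambda ev, rv: ev.startswith(rv),
    "endswith": lambda ev, rv: ev.endswith(rv),
}

def parse_key(key):
    """Split 'CommandLine|endswith' into ('CommandLine', 'endswith')."""
    field, _, modifier = key.partition("|")
    if modifier and modifier not in MODIFIERS:
        raise ValueError("unsupported modifier: " + modifier)
    return field, (modifier or None)

def selection_matches(selection, event):
    """All keys of a selection must match (AND); a list value is OR-ed."""
    for key, rule_value in selection.items():
        field, modifier = parse_key(key)
        if field not in event:
            return False
        ev = str(event[field]).lower()
        options = rule_value if isinstance(rule_value, list) else [rule_value]
        if not any(MODIFIERS[modifier](ev, str(rv).lower()) for rv in options):
            return False
    return True

# Constructed selection and sample events (not taken from the release page).
SELECTION = {
    "Image|endswith": ["\\powershell.exe", "\\pwsh.exe"],
    "CommandLine|startswith": "powershell -enc",
}
EVENTS = [
    {"Image": "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe",
     "CommandLine": "PowerShell -enc SQBFAFgA"},
    {"Image": "C:\\Windows\\System32\\cmd.exe",
     "CommandLine": "cmd /c whoami"},
]

def matching_events(selection=SELECTION, events=EVENTS):
    """Return the events a selection fires on; only EVENTS[0] for the sample."""
    return [e for e in events if selection_matches(selection, e)]
```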

Changed

  • Removal of line breaks in elastalert output
  • Searches not bound to fields are restricted to keyword fields in es-qs backend
  • Graylog backend now based on es-qs backend

Fixed

  • Removed ProcessCommandLine mapping for Windows Security EventID 4688 in generic process creation log source configuration