pySigma Elasticsearch Backend 0.2.0

andurin released this 18 Jan 14:15

· 96 commits to main since this release

New output format siem_rule
- Resulting JSON could be used with Kibana Create Rule API: https://www.elastic.co/guide/en/kibana/8.6/create-rule-api.html
- BUT this is not compatible with the Detection Rule Import Feature: Use siem_rule_ndjson instead
New output format siem_rule_ndjson
- Resulting NDJSON could be used with Kibana Security Alert UI to import rule files

Assets 2

Provide feedback