Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Sigma Rule Id and description to results #68

Closed
jvmendezp opened this issue Mar 28, 2022 · 2 comments
Closed

Add Sigma Rule Id and description to results #68

jvmendezp opened this issue Mar 28, 2022 · 2 comments

Comments

@jvmendezp
Copy link

jvmendezp commented Mar 28, 2022
edited
Loading

Hello, thanks a lot for this amazing product.

Currently, Chainsaw result includes the name of matched Sigma rule. Can you include Sigma rule ID and description too?

Sigma ID is not a mandatory field according to https://github.com/SigmaHQ/sigma/wiki/Specification, but it could be nice to know more information about the match from the Sigma rule specification.

Thanks!
@jvmendezp jvmendezp changed the title Add Sigma Rule Id to results Add Sigma Rule Id and description to results Mar 28, 2022
@jvmendezp
Copy link
Author

jvmendezp commented Mar 28, 2022
edited
Loading

Maybe we could set up what Sigma rule field should be in the response output using sigma-mapping.yml file

@alexkornitzer
Copy link
Collaborator

This is addressed in v2.0.0-alpha.0

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alexkornitzer @jvmendezp