Releases: SigmaHQ/pySigma
pySigma 0.6.7
Fixed: OR-linking of multi-field mappings.
pySigma 0.6.6
- Added templating to add_condition transformation.
- Added further default Windows log sources.
pySigma 0.6.5
Added Sigma Windows service identifiers to Windows event log channel name mapping.
pySigma 0.6.4
Added escaping of field names.
pySigma 0.6.3
- Bugfix in conversion of Sigma rules into a dict with numeric values.
- Specific error on tags without namespace.
v0.6.2
- Quoting of field names.
- Fixed handling of query expressions.
pySigma 0.6.1
Fixed handling of empty detections caused by drop detection item transformation.
pySigma 0.6.0
- Startswith, endswith, contains and dedicated wildcard match expressions
- Backend output format specific processing pipelines
- New modifier 'windash'
- Fixed precedence of expanding value modifier results
- Processing pipeline state
- SetState transformation
pySigma 0.5.2
Bugfix (unnecessary attr import)
pySigma 0.5.1
- Additional common log source definitions (moved from Splunk backend)