
An IDE and translation engine for detection engineers and threat hunters. Be faster, write smarter, keep 100% privacy.

Results 13 Uncoder_IO issues

In the mapping section, the index field is mapped according to the roll type, but the index field is not filled after translation. But in socprime the index field is filled...

Added field mappings for linux auditd to QRadar default CEPs

Hi, installed this on-prem, it works locally, but when we try to reach it remotely (http://uncoder.servername.xx/) we only get "Something went wrong" like the plugin is not loaded. And, how can...

Salutations, did another sync and noticed that this was not included and some of the architecture changed a bit. This is the modification to get things working again. FYI I...

The sigma language supports a value modifier called `expand` that allows dynamic, environment-specific values to be populated through a translation pipeline. See the blog.sigmahq.io writeup [here](https://blog.sigmahq.io/building-flexible-detections-with-sigma-placeholders-7c1b814e2860). When a sigma rule...

Hey there! It looks like the uncoder RootA to Splunk translator does not reflect provided index and source type information from an SPL query. It reverts to a windows event...