Jason Keirstead

Results 40 comments of Jason Keirstead

Hi Andras - I have been thinking about ways we might be able to support Sigma in the project. In theory it could be an output format, but I am...

The main problem with Sigma of course is as I stated in the README - it is SIEM / logs only. We're reaching beyond just SIEM.

@iglocska If you or the MISP team have thoughts on how we could go about this, I would love your input, as supporting Sigma via some kind of method would...

I would like to see SIGMA be an option for query. Specifically the "detection" section. Response part can remain in STIX since SIGMA doesn't handle it. Best of both worlds.

@mavam Agreed. I don't want to convert the pattern at all. I want to use the native Sigma backend. Since both of these projects are Python there is no reason...

@emishas @benjamin-craig Have we looked into this? Some of these are very basic & we should be tracking. We should probably break this out into separate issues.

@cricard We have been looking at these. Some are errors and some are mappings. I am curious on your perspective on how you think stix-shifter should behave, for consumers, for...

We need to fix issues where applicable, and document the expected behaviour where not @emishas