sigma icon indicating copy to clipboard operation
sigma copied to clipboard
verified publisher icon SigmaHQ

feat(backend): add support for linux.network_connection

Open hazedav opened this issue 3 years ago • 1 comments

  1. This adds support for linux.network_connection by adding a selfJoinFilter for process name (image)
  2. Adds support for multiple sources (i.e. array_to_rows())
  3. Removes references to retired evaluatorId

hazedav avatar Sep 20 '22 18:09 hazedav

cc @rachelrice

hazedav avatar Sep 20 '22 18:09 hazedav

Please take a lokk at https://github.com/SigmaHQ/pySigma

From sigmac help message : Sigmac will be deprecated by the end of 2022 in favour of sigma-cli and pySigma. Please stop contributing backends to this tool. Limited support is offered until the end of 2023,especially for backends that haven't been migrated yet.

frack113 avatar Sep 23 '22 05:09 frack113