Andurin

Results 7 comments of Andurin

A few years ago, when I detected canari, I started nearly the same work as this project, but I never got that far. Once upon that time my code was...

Would also love to see this - creating Confluence pages for example is literally broken. I guess other methods based on the content endpoints too. Right now Confluence Cloud answers...

I added some more connect tests to check also IPv6 addresses with cidr modifier. Tests ran fine today without ES errors. If I'm wrong, please reopen.

@balintnadasi / @Mat0vu Is this still an issue and would you like to prepare a pull request for ES-DSL in the future or has EQL/ES-QL successfully overwritten the need?

@Securityinbits and @eliranDream I've just approved and merged the PR from @Koen1999 which may also solve your issues. A new version will be available soon. Would you give it a...

I added some more tests for this case but the rule you mentioned converts just fine (without quotes) to: `(Image:*\\bitsadmin.exe OR OriginalFileName:bitsadmin.exe) AND (CommandLine:*\ \/transfer\ * OR ((CommandLine:(*\ \/create\ *...

Result after #43:

```
$ sigma convert -t lucene -p ecs_windows rule.yml
process.command_line.keyword:(*cn\/half\ \-\-cpu\-priority* OR *\-\-cpu\-priority\ 1*)
```

As long as your index-mapping owns the command_line.keyword - the query looks...