go-sigma-rule-engine

Update README

Open markuskont opened this issue 2 years ago • 2 comments

Main readme needs to be updated. It's still the original one I wrote when we published a paper. But the project has seen some development since then. So it has outdated info and does not reflect the direction of the project any more.

markuskont Jul 17 '22 06:07

@markuskont for example what about the CLI?

dgutson Aug 17 '23 18:08

Is it possible to get a section in the readme that details what kinds of things are supported by the detection/selection/condition fields? I.e. how much of the SIGMA specification is supported?

I noticed that some rules use |contains or |endswith in their selection fields. Are there other processors that are supported? What isn't allowed?

pritster5 Jan 26 '24 03:01