go-sigma-rule-engine Documentation - More info on detection/selection/condition fields and supported operators?

Documentation - More info on detection/selection/condition fields and supported operators?

Open pritster5 opened this issue 1 year ago • 0 comments

Is it possible to get a section in the readme that details what kinds of things are supported by the detection/selection/condition fields? I.e. how much of the SIGMA specification is supported?

I noticed that some rules use |contains or |endswith in their selection fields. Are there other processors that are supported? What isn't allowed?

Jan 26 '24 15:01 pritster5

go-sigma-rule-engine go-sigma-rule-engine copied to clipboard

Documentation - More info on detection/selection/condition fields and supported operators?

go-sigma-rule-engine
go-sigma-rule-engine copied to clipboard