moutonjr

Results 7 comments of moutonjr

+1 Was definitely looking for this feature. I'm using Sigma for documentation also, and on Sentinel the resulting query must be linted, like with projection & aggregations, which Sigma doesn't do....

Hey @DemonWareXT @jshlbrd Figured out that the [RX validator](https://github.com/SigmaHQ/sigma/blob/master/sigma-schema.rx.yml) and [spec](https://github.com/SigmaHQ/sigma/wiki/Specification#structure) are quite vague on this subject. We added a custom field to it (and custom SIEM params) to make it work....

I acknowledge the workaround (and associated security issue). I'm looking forward to the fix, though. Thank you @kay0u

Hi, any update or troubleshooting guide for this issue?

Hi @mishu28nmv, thank you very much for your answer. It's rather a nice-to-have feature on ddt4all. Let me explain: If I use ddt4all with normal ELM (no...
