Omer Yampel

Analyzer framework

1

Allows for the creation of rules against beagle's graphs

Add Alert edges to generic transformer

1

Generic transformer is lacking the ability to transform alerts.

The REST Api should provide the schemas required by the various events.

Export the graph to a timesketch server: references: https://github.com/google/timesketch/blob/master/docs/CreateTimelineFromJSONorCSV.md https://github.com/google/timesketch/issues/601 https://github.com/deralexxx/redline2timesketch

Add support to transform data in the format defined in https://github.com/Cyb3rWard0g/OSSEM/tree/master/common_information_model by @Cyb3rWard0g

Speed up EVTX Parsing

3

Move over to https://github.com/omerbenamram/pyevtx-rs

It's possible to inject alerts using the bindings: ``` from beagle.nodes import Alert, Process nodes = transformer.run(....) alert = Alert(...) process = Process(...) alert.alerted_on[process].append(...) nodes += [alert, process] backend.graph() ```...