No project description provided
Project description
panther-classic-converter
Tool for converting classic Panther detections into the Panther SDK format.
The converted rule serves as a good baseline and maintains existing functionality.
It is recommended that the generated filter be replaced with a composable list of filters to take advantage of the benefits of composable detections.
Installation
pip install panther-classic-converter
Usage
usage: panther_classic_converter [-h] [-a | --athena | --no-athena] [-o OUTPUT] filename
converts legacy detections to panther sdk detections
positional arguments:
filename YML filename to be converted
optional arguments:
-h, --help show this help message and exit
-a, --athena, --no-athena
Datalake used by panther deployment. Used for scheduled queries.
-o OUTPUT, --output OUTPUT
YML filename to be converted
Example
panther_classic_converter brute_force_by_ip.yml -o converted_brute_force_by_ip.py
Before
After
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
File details
Details for the file panther_classic_converter-0.1.0.tar.gz.
File metadata
- Download URL: panther_classic_converter-0.1.0.tar.gz
- Upload date:
- Size: 8.6 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/4.0.1 CPython/3.9.14
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1e89a1bbb4166987d0cd6fa4ed15c8615eb7f15bee488df92bacc441e9825e2b |
|
| MD5 | e8b78d9a0e971829123bbfa12dd09ed6 |
|
| BLAKE2b-256 | 48d252487af7f7bd09e19018695ce6e9e94578fb70fd02e047db88ad57a9d9e9 |
