No project description provided
Project description
panther-classic-converter
Tool for converting classic Panther detections into the Panther SDK format.
The converted rule serves as a good baseline and maintains existing functionality.
It is recommended that the generated filter be replaced with a composable list of filters to take advantage of the benefits of composable detections.
Installation
pip install panther-classic-converter
Usage
usage: panther_classic_converter [-h] [-a | --athena | --no-athena] [-o OUTPUT] filename
converts legacy detections to panther sdk detections
positional arguments:
filename YML filename to be converted
optional arguments:
-h, --help show this help message and exit
-a, --athena, --no-athena
Datalake used by panther deployment. Used for scheduled queries.
-o OUTPUT, --output OUTPUT
YML filename to be converted
Example
panther_classic_converter brute_force_by_ip.yml -o converted_brute_force_by_ip.py
Before
After
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Close
Hashes for panther_classic_converter-0.1.0.tar.gz
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 1e89a1bbb4166987d0cd6fa4ed15c8615eb7f15bee488df92bacc441e9825e2b |
|
| MD5 | e8b78d9a0e971829123bbfa12dd09ed6 |
|
| BLAKE2b-256 | 48d252487af7f7bd09e19018695ce6e9e94578fb70fd02e047db88ad57a9d9e9 |
