Project description
panther-classic-converter
Tool for converting classic Panther detections into the Config SDK format.
The converted rule serves as a good baseline and maintains existing functionality.
It is recommended that the generated filter be replaced with a composable list of filters to take advantage of the benefits of composable detections.
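To make the distinction between a single converted filter and a composable list of filters concrete, here is an added, self-contained illustration (not code from the panther-classic-converter project, and not the Panther Config SDK API): a monolithic classic-style rule function, the same function wrapped as the one filter a mechanical conversion yields, and the equivalent decomposition into small reusable filters, checked against constructed sample events to confirm the verdicts are unchanged. The event fields, the allowlisted IP and the event records are all constructed for the example.

```python
from typing import Any, Callable, Dict, FrozenSet, List

Event = Dict[str, Any]
Filter = Callable[[Event], bool]

# Classic-style rule: every condition inlined in one function.
# Constructed stand-in for a failed-console-login rule, not Panther's own detection.
def classic_rule(event: Event) -> bool:
    return (
        event.get("eventName") == "ConsoleLogin"
        and (event.get("responseElements") or {}).get("ConsoleLogin") == "Failure"
        and event.get("sourceIPAddress") not in {"10.0.0.5"}
    )

# What a mechanical conversion produces: the whole rule as a single filter.
converted_filters: List[Filter] = [classic_rule]

# Recommended follow-up: split the logic into small filters that can be reused and tuned independently.
def is_console_login(event: Event) -> bool:
    return event.get("eventName") == "ConsoleLogin"

def login_failed(event: Event) -> bool:
    # responseElements may be absent or null on non-login events, so guard before .get()
    return (event.get("responseElements") or {}).get("ConsoleLogin") == "Failure"

ALLOWLISTED_IPS: FrozenSet[str] = frozenset({"10.0.0.5"})  # constructed allowlist

def not_allowlisted_ip(event: Event) -> bool:
    return event.get("sourceIPAddress") not in ALLOWLISTED_IPS

composable_filters: List[Filter] = [is_console_login, login_failed, not_allowlisted_ip]

def matches(filters: List[Filter], event: Event) -> bool:
    """A detection fires only when every filter in the list passes (AND semantics)."""
    return all(f(event) for f in filters)

# Constructed CloudTrail-like sample events; not real log data.
SAMPLE_EVENTS: List[Event] = [
    {"eventName": "ConsoleLogin", "responseElements": {"ConsoleLogin": "Failure"}, "sourceIPAddress": "198.51.100.7"},
    {"eventName": "ConsoleLogin", "responseElements": {"ConsoleLogin": "Success"}, "sourceIPAddress": "198.51.100.7"},
    {"eventName": "ConsoleLogin", "responseElements": {"ConsoleLogin": "Failure"}, "sourceIPAddress": "10.0.0.5"},
    {"eventName": "DescribeInstances", "responseElements": None, "sourceIPAddress": "198.51.100.7"},
]

def same_verdicts(events: List[Event]) -> bool:
    """Regression check: the decomposed filters must fire on exactly the events the classic rule fired on."""
    return all(matches(converted_filters, e) == matches(composable_filters, e) for e in events)
```

Running `same_verdicts(SAMPLE_EVENTS)` after any refactor of the filter list is a cheap way to confirm the "maintains existing functionality" property still holds.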
Installation
pip install panther-classic-converter
Usage
usage: panther_classic_converter [-h] [-a | --athena | --no-athena] [-o OUTPUT] filename

converts legacy detections to config sdk detections

positional arguments:
  filename              YML filename to be converted

optional arguments:
  -h, --help            show this help message and exit
  -a, --athena, --no-athena
                        Datalake used by panther deployment. Used for scheduled queries.
  -o OUTPUT, --output OUTPUT
                        YML filename to be converted
Example
panther_classic_converter brute_force_by_ip.yml -o converted_brute_force_by_ip.py
Before
After
Hashes for panther_classic_converter-0.0.2.tar.gz

Algorithm | Hash digest
---|---
SHA256 | ba27e1c5e5bbde4b262b3de329ea3878fc250486033209ee74b88528515f1f5f
MD5 | 257a1e5b35e0d0170bd156f2ff75600b
BLAKE2b-256 | b52e5a61dd36574eacf2abcaefd7648ffb25a93b66fd39a41834fa7e358ad9db