pySigma SigmaHQ validators
Project description
pySigma_validators_sigmaHQ
Purpose
Provides all validators specific to the requirements of the SigmaHQ rules repository.
Validators
Name | Description |
---|---|
sigmahq_date_existence | Checks if the rule has a date. |
sigmahq_description_existence | Checks if the rule has a description. |
sigmahq_description_length | Checks the length of the rule description. |
sigmahq_falsepositives_banned_word | Checks if a rule falsepositive entry starts with a banned word. |
sigmahq_falsepositives_capital | Checks if a rule falsepositive entry starts with a capital letter. |
sigmahq_falsepositives_typo_word | Checks if a rule falsepositive entry starts with a common typo. |
sigmahq_field_duplicate_value | Checks that the values in a field list are unique. |
sigmahq_fieldname_cast | Checks if a field name has a cast error. |
sigmahq_filename | Checks that the rule filename matches the SigmaHQ standard. |
sigmahq_filename_prefix | Checks that the rule filename matches the SigmaHQ prefix standard. |
sigmahq_invalid_all_modifier | Checks if the All modifier is used with a single value. |
sigmahq_invalid_field_source | Checks if the field Source is used with Eventlog. |
sigmahq_invalid_fieldname | Checks if a field name does not exist in the logsource. |
sigmahq_level_existence | Checks if the rule has a level. |
sigmahq_link_description | Checks if the rule description uses a link instead of references. |
sigmahq_logsource_valid | Checks if the rule has a valid logsource. |
sigmahq_space_fieldname | Checks if a field name contains a space. |
sigmahq_status_deprecated | Checks if the rule has a status DEPRECATED. |
sigmahq_status_existence | Checks if the rule has a status. |
sigmahq_status_unsupported | Checks if the rule has a status UNSUPPORTED. |
sigmahq_title_case | Checks if the rule title uses capitalization. |
sigmahq_title_end | Checks if the rule title ends with a dot (.). |
sigmahq_title_length | Checks if the rule title is too long. |
sigmahq_title_start | Checks if the rule title starts with Detects. |
Data
All data values are in config.py.
Maintainer
This pipeline is currently maintained by:
Hashes for pysigma_validators_sigmahq-0.5.1.tar.gz
Algorithm | Hash digest |
---|---|
SHA256 | 1e7b7edf8d5eaafc2f1b9de524c6aa98c085bdfc231e48994b65620ca17ba402 |
MD5 | d6d196e3726b28e3f9fc787d1bb30511 |
BLAKE2b-256 | 5682fb9ce64c394381d115a1436de30d1cf591e1aac54ed0f29e9d8961828c23 |
Hashes for pysigma_validators_sigmahq-0.5.1-py3-none-any.whl
Algorithm | Hash digest |
---|---|
SHA256 | d422d7a8ee45ef98372a1ced3482fff7e83f5289ca69540d76bd8761457541d6 |
MD5 | 3f48ad1dd070375fa84231cc75d8dfb2 |
BLAKE2b-256 | fccbef6af2afb8dbe21a619492e0c13d2c0ee1832320468defe8c1428ae6935b |