SigmaHQ/sigma-specification

Issues

• Update Taxonomy - Add IIS

  #154 opened a month ago by nasbench
  0

• What flavor a regular expressions does sigma use?

  #25 opened 4 months ago by YamatoSecurity
  2

• Version 2.1 - New modifier to check if field is empty or null

  #142 opened 4 months ago by frack113
  1

• Version 2.1 - Enhancements

  #140 opened 4 months ago by nasbench
  0

• Version 2.1 - New modifier for time field

  #143 opened 4 months ago by frack113
  0

• Regular Expression matching

  #41 opened 3 years ago by maederm
  5

• Add `correlation` (or similar) related type

  #136 opened 4 months ago by kelnage
  1

• TODO: Add New EventLog To Taxonomy

  #76 opened 4 months ago by nasbench
  1

• Does Sigma allow dots and/or dashes in tags? (sigmahq.io documentation versus pySigma validation)

  #127 opened 4 months ago by Karneades
  6

• Version number in Sigma specification doc doesn't match to history

  #129 opened 4 months ago by alexott
  1

• Link to web version does not work

  #123 opened 4 months ago by martclau
  1

• Feature Request: Custom Queries

  #14 opened 4 months ago by WildDogOne
  10

• How to use Sigma correlations

  #15 opened 4 months ago by alexpwns
  7

• Semi-Dead links to Sigma Correlations

  #134 opened 4 months ago by jonathan-s
  1

• Update to TLP tags

  #104 opened 4 months ago by HBadger0017
  2

• Feature request: JSON support

  #132 opened 5 months ago by 0xd13a
  4

• Generic Filter Support in V2

  #133 opened 5 months ago by jamesc-grafana
  4

• test issue

  #126 opened 6 months ago by Res260
  0

• Extended Correlation Support in V2

  #122 opened 9 months ago by nzedler
  3

• Compare two different attributes of a log

  #102 opened a year ago by nofaceinbook
  2

• V2 consideration - add support for datetime values

  #96 opened a year ago by DBHeise
  0

• RX Spec outdated or invalid

  #72 opened a year ago by hanstzou
  2

• TODO: Add Rx Schema

  #83 opened a year ago by nasbench
  1

• Sigma_Correlations.md page "404 not found"

  #94 opened a year ago by jiang834686379
  3

• How to check if field value is contained in range or less than/greater than some number

  #73 opened 2 years ago by navgeetagrawal-uptycs
  1

• Reference to other rules in the condition of a detection

  #7 opened 2 years ago by thomaspatzke
  1

• Search-Identifier, List and Map's Allowed Types

  #71 opened 2 years ago by hanstzou
  1

• Undeprecate Pipe Operator

  #68 opened 2 years ago by andrewthad
  4

• Homepage for Sigma Specification cutting off characters

  #61 opened 2 years ago by joshnck
  1

• How to do value comparison?

  #63 opened 2 years ago by trend-jason-x-lin
  1

• Add modifier to check if two fields are equal or not

  #54 opened 2 years ago by YamatoSecurity
  2

• Taxonomy update to support BitLocker Channel

  #33 opened 2 years ago by mdecrevoisier
  2

• Generic Log Sources - Network protocols/services

  #46 opened 4 years ago by defensivedepth
  10

• Add log source from this sigma rule to taxonomy

  #29 opened 2 years ago by H-cognna
  0

• Add log source (diagnosis-scripted) to taxonomy

  #30 opened 2 years ago by H-cognna
  1

• Add log source to taxonomy in this sigma rule /rules/windows/builtin/diagnosis/scripted/win_diagnosis_scripted_load_remote_diagcab.yml

  #24 opened 2 years ago by H-cognna
  0

• OpenSSH product and service mapping from Windows logs

  #13 opened 2 years ago by mdecrevoisier
  3

• Semantic meaning of wildcards undefined

  #9 opened 2 years ago by kelnage
  1