Releases · SigmaHQ/pySigma

Added plugin system for backends, pipelines and validators. Requires additional metadata from plugin to enable plugin system to discover it.
Moved builtin validators to package sigma.validators.core.
Reintroduced Windows logsource mapping change that introduces lists to windows_logsource_mapping for Sigma log sources that map to multiple Windows log sources. Use generate_windows_logsource_items() function from sigma.pipelines.common to generate processing pipelines from windows_logsource_mapping. It handles multivalue cases correctly.

Further Changes

Added support for value lists in AddConditionTransformation processing pipeline operation.
Update mitre attack by @andurin in #96
docs: clarification on cidr value modifier IPv4 limitation by @phantinuss in #100

New Contributors

@phantinuss made their first contribution in #100

Full Changelog: v0.8.12...v0.9.0

Contributors

andurin and phantinuss

Assets 2

06 Jan 22:37

thomaspatzke

v0.8.12

63f5573

pySigma 0.8.12

Added option to keep regular expression escpae character itself unescaped in regular expression escpae() method as well as in the text query base class.

Assets 2

05 Jan 22:17

thomaspatzke

v0.8.11

cc7f4b9

pySigma 0.8.11

Fix: reverted change that introduced breaking change, lists in windows_logsource_mapping.

Assets 2

14 Dec 23:04

thomaspatzke

v0.8.10

9cac66a

pySigma 0.8.10

What's Changed

Update Win Logsource Mapping + Missing Categories by @nasbench in #67
Ensure DeferredQueryExpressions avoid grouping by @kelnage in #70
Add new event-log source by @nasbench in #71
Fixed poetry install error on Python 3.11(due to pylint dependency) by @fukusuket in #73
Fixed poetry install error on Windows2019 by @fukusuket in #74
keep space in int by @frack113 in #75
Allow a single WILDCARD_MULTI by @frack113 in #76