Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / SigmaHQ/pySigma-backend-elasticsearch issues and pull requests

#117 - feat: ✨ Add exists modifier for lucene

Pull Request - State: open - Opened by frack113 6 days ago

#116 - Lucene exists modifier error

Issue - State: open - Opened by frack113 6 days ago

#115 - Build(deps-dev): Bump autopep8 from 2.3.1 to 2.3.2

Pull Request - State: open - Opened by dependabot[bot] 15 days ago
Labels: dependencies

#114 - Build(deps): Bump pysigma from 0.11.18 to 0.11.19

Pull Request - State: open - Opened by dependabot[bot] 15 days ago
Labels: dependencies

#112 - Build(deps): Bump jinja2 from 3.1.4 to 3.1.5

Pull Request - State: closed - Opened by dependabot[bot] 24 days ago
Labels: dependencies

#111 - Build(deps-dev): Bump pylint from 3.3.2 to 3.3.3

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies

#110 - Build(deps-dev): Bump coverage from 7.6.9 to 7.6.10

Pull Request - State: closed - Opened by dependabot[bot] about 1 month ago
Labels: dependencies

#109 - EventIDs typed as string causing matching errors

Issue - State: open - Opened by thomaspatzke about 1 month ago - 1 comment

#108 - ESQL: flatten list of indices before converting to string

Pull Request - State: closed - Opened by Mat0vu about 1 month ago

#107 - ESQL searches only case-sensitive

Issue - State: open - Opened by Mat0vu about 2 months ago - 4 comments

#106 - Build(deps-dev): Bump coverage from 7.6.8 to 7.6.9

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies

#105 - Feat: Better transformation of informational rules

Pull Request - State: closed - Opened by andurin about 2 months ago

#104 - Feat: Add EQL ndjson postprocessing pipeline

Pull Request - State: closed - Opened by Mat0vu about 2 months ago

#103 - Error while matching wildcards on fields without keyword subfield

Issue - State: open - Opened by abulhol about 2 months ago - 5 comments

#102 - Build(deps-dev): Bump pylint from 3.3.1 to 3.3.2

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies

#101 - Build(deps-dev): Bump pytest from 8.3.3 to 8.3.4

Pull Request - State: closed - Opened by dependabot[bot] about 2 months ago
Labels: dependencies

#100 - Build(deps-dev): Bump coverage from 7.6.7 to 7.6.8

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies

#98 - Build(deps-dev): Bump coverage from 7.6.4 to 7.6.7

Pull Request - State: closed - Opened by dependabot[bot] 2 months ago
Labels: dependencies

#97 - Add ElastalertBackend for sigma cli

Pull Request - State: closed - Opened by frack113 3 months ago - 1 comment

#96 - Improve siem_rule_ndjson postprocessing pipeline in README

Pull Request - State: closed - Opened by Mat0vu 3 months ago

#95 - Feat: elastalert backend

Pull Request - State: closed - Opened by kurisukun 3 months ago - 1 comment

#94 - Add ES|QL siem_rule_ndjson template

Pull Request - State: closed - Opened by Mat0vu 3 months ago - 1 comment

#93 - Build(deps-dev): Bump pytest-cov from 5.0.0 to 6.0.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#92 - Fix: Added postprocessing pipelines to README

Pull Request - State: closed - Opened by andurin 3 months ago

#91 - Version Bump

Pull Request - State: closed - Opened by andurin 3 months ago

#90 - Fix: EQL Double quotation issue

Pull Request - State: closed - Opened by andurin 3 months ago

#89 - Build(deps): Bump pysigma from 0.11.17 to 0.11.18

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#88 - Fix ES|QL siem_rule_ndjson Detection Rule Import into Kibana

Pull Request - State: closed - Opened by Mat0vu 3 months ago - 1 comment

#87 - Build(deps-dev): Bump coverage from 6.5.0 to 7.6.4

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#86 - Build(deps-dev): Bump pytest-cov from 4.1.0 to 5.0.0

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#85 - Build(deps-dev): Bump pytest from 7.4.4 to 8.3.3

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#84 - Build(deps-dev): Bump pylint from 2.17.7 to 3.3.1

Pull Request - State: closed - Opened by dependabot[bot] 3 months ago
Labels: dependencies

#83 - Update dependabot.yml

Pull Request - State: closed - Opened by andurin 3 months ago

#82 - Fix: ES|QL correlations AttributeError and field existence

Pull Request - State: closed - Opened by m4dh4t 3 months ago

#81 - Index Error at multi rule query postprocess

Issue - State: closed - Opened by jcordon5 3 months ago

#80 - Fix: ES|QL correlations AttributeError and field existence

Pull Request - State: closed - Opened by m4dh4t 3 months ago - 1 comment

#79 - Defines 2 more fields in the Elastic K8S Integration

Pull Request - State: closed - Opened by LAripping 4 months ago - 1 comment

#78 - ESQL: Field existence check has opposite logic

Issue - State: closed - Opened by rtkmaryang 4 months ago

#77 - Fix: ES|QL index and metadata states

Pull Request - State: closed - Opened by m4dh4t 5 months ago - 1 comment

#76 - ESQL / Correlations: AttributeError when using siem_rule/kibana_ndjson formats

Issue - State: closed - Opened by 13621 5 months ago - 4 comments

#75 - Elastalert backend

Issue - State: closed - Opened by m4dh4t 5 months ago - 3 comments
Labels: wait for pr

#74 - Installation of 'elasticsearch' backend plugin not working for sigma cli

Issue - State: closed - Opened by v1p3r0u5 5 months ago - 2 comments

#73 - [ES|QL] Non-aggregating query

Issue - State: closed - Opened by 0xFustang 5 months ago

#72 - ES|QL Index list handling

Issue - State: closed - Opened by WildDogOne 5 months ago

#71 - Regex Escaping for EQL

Issue - State: open - Opened by WildDogOne 6 months ago

#70 - Elastic Security Informational Severity

Issue - State: closed - Opened by WildDogOne 6 months ago

#69 - Enabling Index selection for SIEM NDJSON Policies

Pull Request - State: closed - Opened by WildDogOne 6 months ago

#68 - Completes integration of kubernetes pipeline

Pull Request - State: closed - Opened by LAripping 7 months ago - 1 comment

#67 - Feat: Add Elastic Security rules and Kibana saved object support for ES|QL

Pull Request - State: closed - Opened by m4dh4t 7 months ago - 3 comments

#66 - ES version

Issue - State: open - Opened by adilraad2001 7 months ago - 1 comment

#64 - Fix: Feature not supported on fieldref modifier

Pull Request - State: closed - Opened by andurin 7 months ago

#63 - Update mapping for Imphash

Pull Request - State: closed - Opened by dfiredit1337 8 months ago

#62 - Processing pipeline must be merged with another one.

Issue - State: open - Opened by Koirin3224 8 months ago - 1 comment

#61 - Fix language and type typo for EQL

Pull Request - State: closed - Opened by webhead404 9 months ago - 3 comments

#60 - Add escape to all ':' in cidr for ipv6

Pull Request - State: closed - Opened by gregorywychowaniec-zt 9 months ago

#59 - Convert esql correlation rule fail no attribute get_conversion_states

Issue - State: closed - Opened by frack113 9 months ago - 4 comments

#58 - Fix invalid escape sequence

Pull Request - State: closed - Opened by cospirho 10 months ago

#57 - Wrong network direction values

Issue - State: open - Opened by cospirho 10 months ago - 3 comments

#56 - ES|QL backend with correlation support

Pull Request - State: closed - Opened by thomaspatzke 10 months ago

#55 - Chore update

Pull Request - State: closed - Opened by frack113 10 months ago

#54 - Escape CIDR IPV6

Pull Request - State: closed - Opened by frack113 11 months ago

#53 - Escape Cidr IPV6

Pull Request - State: closed - Opened by frack113 11 months ago - 2 comments

#52 - ecs_windows mapping skipped

Issue - State: closed - Opened by tr0mb1r 11 months ago - 1 comment

#51 - Update Kubernetes Logsource

Pull Request - State: closed - Opened by nasbench 11 months ago

#50 - Single quote escaping problem in query_string

Issue - State: closed - Opened by foxalfabravo 11 months ago - 2 comments

#49 - DSL query support

Issue - State: open - Opened by balintnadasi 11 months ago - 7 comments
Labels: enhancement

#48 - IPv6 address causes error in CIDR notation

Issue - State: closed - Opened by nzedler 11 months ago - 2 comments

#47 - Add user.name mapping

Pull Request - State: closed - Opened by defensivedepth 11 months ago - 1 comment

#45 - Duplicate query when using multiple pipelines

Issue - State: open - Opened by defensivedepth about 1 year ago - 1 comment
Labels: bug

#44 - build: 📦 Update dependencies to pySigma 0.11

Pull Request - State: closed - Opened by frack113 about 1 year ago - 1 comment

#43 - Fixed issues with query strings containing spaces and/or wildcards for Lucene Backend

Pull Request - State: closed - Opened by Koen1999 about 1 year ago - 3 comments

#42 - Kubernetes pipeline (audit logs)

Pull Request - State: closed - Opened by LAripping about 1 year ago - 1 comment

#41 - Invalid EQL rule type and language

Issue - State: closed - Opened by FilipPwn about 1 year ago

#40 - feat: add parsing of Mitre Att&ck tags into threat obj

Pull Request - State: closed - Opened by rkokkelk about 1 year ago

#39 - Updates for EQL support

Pull Request - State: closed - Opened by defensivedepth about 1 year ago

#38 - Update poetry

Pull Request - State: closed - Opened by frack113 about 1 year ago

#37 - fix: add `elasticsearch` to the allowed backends in the pipeline config

Pull Request - State: closed - Opened by nasbench about 1 year ago

#36 - Lucene Rule Generation Quotation Mark Issue

Issue - State: closed - Opened by LucaKuechler about 1 year ago - 3 comments

#35 - How to close subfields when converting a sigma rule to dsl?

Issue - State: closed - Opened by leexuan about 1 year ago - 1 comment

#34 - Solves sigma-cli/issues/29

Pull Request - State: closed - Opened by deibit over 1 year ago - 2 comments

#33 - Transform current output formats to postprocessing

Issue - State: open - Opened by andurin over 1 year ago - 2 comments

#32 - Eql backend

Pull Request - State: closed - Opened by thomaspatzke over 1 year ago - 1 comment

#31 - ecs_windows cannot be used with lucene

Issue - State: closed - Opened by frack113 over 1 year ago - 1 comment

#30 - Custom Attributes Problem

Issue - State: closed - Opened by Yuvijadeja over 1 year ago - 1 comment

#28 - Wildcard format issue

Issue - State: closed - Opened by eliranDream over 1 year ago - 4 comments

#27 - Fix handling of angle brackets

Pull Request - State: closed - Opened by Technici4n over 1 year ago - 6 comments

#26 - Incorrect conversion of > character in sigma rule for Elastic/ECS Windows type

Issue - State: closed - Opened by canilc over 1 year ago - 2 comments

#25 - Fix #24: fix handling of null field conditions

Pull Request - State: closed - Opened by Technici4n over 1 year ago - 1 comment

#24 - Bug with `NOT _exists_` query

Issue - State: closed - Opened by Technici4n over 1 year ago - 1 comment

#23 - Queries fail for `IP` type

Issue - State: closed - Opened by cospirho over 1 year ago - 3 comments

#22 - No support for multi-field mappings

Issue - State: closed - Opened by cospirho over 1 year ago - 2 comments

#21 - Missing case-insensitive options

Issue - State: closed - Opened by cospirho over 1 year ago - 1 comment

#20 - Support Case Insensitivity + Multi-Fields

Pull Request - State: closed - Opened by cospirho over 1 year ago

#19 - pySigma can produce invalid `NOT NOT` queries

Issue - State: closed - Opened by Technici4n almost 2 years ago - 4 comments
Labels: bug

#18 - Fix: Missing formats

Pull Request - State: closed - Opened by andurin almost 2 years ago

#17 - Missing formats in version 1.0.1

Issue - State: closed - Opened by gal-dd almost 2 years ago - 1 comment

#16 - Update for pysigma 0.9.* ?

Issue - State: closed - Opened by Asilias almost 2 years ago - 1 comment