Webapp for converting sigma detection rules into SIEM queries

This page summarizes the projects mentioned and recommended in the original post on /r/blueteamsec

  • sigmaio

    Discontinued simple webapp for converting sigma rules into siem queries using the pySigma library

  • pySigma

    Python library to parse and convert Sigma rules into queries (and whatever else you could imagine)

  • It's like uncoder.io, but it's using the new pySigma library, which will replace the old sigma converter. So the web app is right now the equivalent to sigma-cli. Uncoder.io is using the old sigma converter.

  • sigma-cli

    The Sigma command line interface based on pySigma

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Related posts

  • A tool to detect errors early and measure the Effectiveness of SIEM rules against the behaviors that the rule was developed to work against, ensuring that the whole process of data collection, parsing, and query of security data is working properly and alert when things don't work as intended

    1 project | /r/purpleteamsec | 29 Aug 2021
  • SIEM content development

    2 projects | /r/SIEM | 10 Dec 2023
  • should we write our own custom rule

    2 projects | /r/cybersecurity | 4 Dec 2023
  • Splunk Enterprise Security dashboard that lets you prioritize, track your security automation efforts and sell your wins to management through quantitative metrics

    1 project | /r/cybersecurity | 11 Jul 2023
  • Azure data sources

    1 project | /r/Splunk | 1 Jul 2023