pySigma Rapid7 InsightIDR Backend 0.1.5

@mbabinski mbabinski released this 14 Apr 22:33
· 23 commits to main since this release

This release made the following improvements:

  • Added additional tests.
  • Set the InsightIDR pipeline as the default/built-in processing pipeline for the InsightIDR backend (no need to specify the pipeline in the script - this will also enable easier usage in Sigma-CLI).
  • Added a pipeline processing item to throw a more graceful error if unsupported aggregate function conditions are used.
  • Improved filtering/conditions for existing pipeline processing items.
  • Improved OR/AND condition logic in the backend (CIDR modifiers were causing issues when linked with ConditionOR or ConditionAND conditions). Grouping now occurs only if all values are SigmaString or SigmaNumber values.