Index
A
add_applied_processing_item() (sigma.rule.SigmaDetection method)
add_pipeline_class() (sigma.processing.resolver.ProcessingPipelineResolver method)
AddConditionTransformation (class in sigma.processing.transformations)
AddFieldnamePrefixTransformation (class in sigma.processing.transformations)
AddFieldnameSuffixTransformation (class in sigma.processing.transformations)
AddFieldTransformation (class in sigma.processing.transformations)
AllOfThemConditionIssue (class in sigma.validators.core.condition)
AllOfThemConditionValidator (class in sigma.validators.core.condition)
AllWithoutContainsModifierIssue (class in sigma.validators.core.modifiers)
apply() (sigma.processing.pipeline.ProcessingItem method)
(sigma.processing.pipeline.ProcessingPipeline method)
apply_modifiers() (sigma.rule.SigmaDetectionItem method)
ATTACKTagValidator (class in sigma.validators.core.tags)
autodiscover() (sigma.plugins.InstalledSigmaPlugins class method)
B
Backend (class in sigma.conversion.base)
Base64OffsetWithoutContainsModifierIssue (class in sigma.validators.core.modifiers)
C
CARTagValidator (class in sigma.validators.core.tags)
ChangeLogsourceTransformation (class in sigma.processing.transformations)
compare_precedence() (sigma.conversion.base.TextQueryBackend method)
compile() (sigma.types.SigmaRegularExpression method)
ConcatenateQueriesFinalizer (class in sigma.processing.finalization)
condition_referenced_ids() (sigma.validators.core.condition.DanglingDetectionValidator method)
condition_unknown_referenced_ids() (sigma.validators.core.condition.DanglingConditionValidator method)
contains_placeholder() (sigma.types.SigmaString method)
contains_special() (sigma.types.SigmaString method)
ControlCharacterIssue (class in sigma.validators.core.values)
ControlCharacterValidator (class in sigma.validators.core.values)
convert() (sigma.conversion.base.Backend method)
(sigma.types.SigmaString method)
convert_condition() (sigma.conversion.base.Backend method)
convert_condition_and() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_as_in_expression() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_compare_op_val() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_expansion() (sigma.conversion.base.Backend method)
convert_condition_field_eq_field() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_field_escape_and_quote() (sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_query_expr() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_bool() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_cidr() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_exists() (sigma.conversion.base.Backend method)
convert_condition_field_eq_val_null() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_num() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_re() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_re_contains() (sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_str() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_str_case_sensitive() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_eq_val_timestamp_part() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_exists() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_field_not_exists() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_group() (sigma.conversion.base.TextQueryBackend method)
convert_condition_not() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_or() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_query_expr() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_val() (sigma.conversion.base.Backend method)
convert_condition_val_num() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_val_re() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_val_str() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_condition_val_timestamp_part() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_correlation_event_count_rule() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_correlation_rule() (sigma.conversion.base.Backend method)
convert_correlation_search_multi_rule_query_postprocess() (sigma.conversion.base.TextQueryBackend method)
convert_correlation_temporal_ordered_rule() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_correlation_temporal_rule() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_correlation_typing_query_postprocess() (sigma.conversion.base.TextQueryBackend method)
convert_correlation_value_count_rule() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
convert_rule() (sigma.conversion.base.Backend method)
convert_value_re() (sigma.conversion.base.TextQueryBackend method)
convert_value_str() (sigma.conversion.base.TextQueryBackend method)
ConvertTypeTransformation (class in sigma.processing.transformations)
CustomAttributesIssue (class in sigma.validators.core.metadata)
CustomAttributesValidator (class in sigma.validators.core.metadata)
CVETagValidator (class in sigma.validators.core.tags)
D
D3FENDTagValidator (class in sigma.validators.core.tags)
DanglingConditionIssue (class in sigma.validators.core.condition)
DanglingConditionValidator (class in sigma.validators.core.condition)
DanglingDetectionIssue (class in sigma.validators.core.condition)
DanglingDetectionValidator (class in sigma.validators.core.condition)
decide_convert_condition_as_in_expression() (sigma.conversion.base.Backend method)
decide_string_quoting() (sigma.conversion.base.TextQueryBackend method)
default_plugin_directory() (sigma.plugins.SigmaPluginDirectory class method)
detection_item_condition_linking() (sigma.processing.pipeline.ProcessingItem method)
DetectionItemFailureTransformation (class in sigma.processing.transformations)
DetectionItemProcessingCondition (class in sigma.processing.conditions)
DetectionItemProcessingItemAppliedCondition (class in sigma.processing.conditions)
DetectionItemProcessingStateCondition (class in sigma.processing.conditions)
DetectionTagValidator (class in sigma.validators.core.tags)
disable_conversion_to_plain() (sigma.rule.SigmaDetectionItem method)
DoubleWildcardIssue (class in sigma.validators.core.values)
DoubleWildcardValidator (class in sigma.validators.core.values)
DropDetectionItemTransformation (class in sigma.processing.transformations)
DuplicateFilenameIssue (class in sigma.validators.core.metadata)
DuplicateFilenameValidator (class in sigma.validators.core.metadata)
DuplicateReferencesIssue (class in sigma.validators.core.metadata)
DuplicateReferencesValidator (class in sigma.validators.core.metadata)
DuplicateTagIssue (class in sigma.validators.core.tags)
DuplicateTagValidator (class in sigma.validators.core.tags)
DuplicateTitleIssue (class in sigma.validators.core.metadata)
DuplicateTitleValidator (class in sigma.validators.core.metadata)
E
EmbedQueryInJSONTransformation (class in sigma.processing.postprocessing)
EmbedQueryTransformation (class in sigma.processing.postprocessing)
endswith() (sigma.types.SigmaString method)
escape() (sigma.types.SigmaRegularExpression method)
escape_and_quote_field() (sigma.conversion.base.TextQueryBackend method)
EscapedWildcardIssue (class in sigma.validators.core.values)
EscapedWildcardValidator (class in sigma.validators.core.values)
ExcludeFieldCondition (class in sigma.processing.conditions)
expand() (sigma.types.SigmaCIDRExpression method)
F
field_name_condition_linking() (sigma.processing.pipeline.ProcessingItem method)
field_timestamp_part_expression (sigma.conversion.base.TextQueryBackend attribute)
field_was_processed_by() (sigma.processing.pipeline.ProcessingPipeline method)
FieldFunctionTransformation (class in sigma.processing.transformations)
FieldMappingTransformation (class in sigma.processing.transformations)
FieldNameProcessingCondition (class in sigma.processing.conditions)
FieldNameProcessingItemAppliedCondition (class in sigma.processing.conditions)
FieldNameProcessingStateCondition (class in sigma.processing.conditions)
FieldPrefixMappingTransformation (class in sigma.processing.transformations)
FilenameLengthIssue (class in sigma.validators.core.metadata)
FilenameLengthValidator (class in sigma.validators.core.metadata)
finalize() (sigma.conversion.base.Backend method)
(sigma.validation.SigmaValidator method)
(sigma.validators.core.metadata.DuplicateFilenameValidator method)
(sigma.validators.core.metadata.DuplicateTitleValidator method)
(sigma.validators.core.metadata.IdentifierUniquenessValidator method)
finalize_output_default() (sigma.conversion.base.Backend method)
finalize_query() (sigma.conversion.base.Backend method)
(sigma.conversion.base.TextQueryBackend method)
finalize_query_default() (sigma.conversion.base.Backend method)
from_definition() (sigma.rule.SigmaDetection class method)
from_dict() (sigma.plugins.SigmaPlugin class method)
(sigma.processing.pipeline.ProcessingItem class method)
(sigma.processing.pipeline.ProcessingPipeline class method)
(sigma.rule.SigmaLogSource class method)
(sigma.rule.SigmaRule class method)
(sigma.validation.SigmaValidator class method)
from_dicts() (sigma.collection.SigmaCollection class method)
from_mapping() (sigma.rule.SigmaDetectionItem class method)
from_pipeline_list() (sigma.processing.resolver.ProcessingPipelineResolver class method)
from_str() (sigma.rule.SigmaRuleTag class method)
from_url() (sigma.plugins.SigmaPluginDirectory class method)
from_value() (sigma.rule.SigmaDetectionItem class method)
from_yaml() (sigma.collection.SigmaCollection class method)
(sigma.processing.pipeline.ProcessingPipeline class method)
G
get_flag_template() (sigma.conversion.base.TextQueryBackend method)
get_output_rules() (sigma.collection.SigmaCollection method)
get_pipeline_resolver() (sigma.plugins.InstalledSigmaPlugins method)
get_plugins() (sigma.plugins.SigmaPluginDirectory method)
get_unreferenced_rules() (sigma.collection.SigmaCollection method)
H
has_capability() (sigma.plugins.SigmaPlugin method)
I
IdentifierCollisionIssue (class in sigma.validators.core.metadata)
IdentifierExistenceIssue (class in sigma.validators.core.metadata)
IdentifierExistenceValidator (class in sigma.validators.core.metadata)
IdentifierUniquenessValidator (class in sigma.validators.core.metadata)
IncludeFieldCondition (class in sigma.processing.conditions)
insert_placeholders() (sigma.types.SigmaString method)
install() (sigma.plugins.SigmaPlugin method)
InstalledSigmaPlugins (class in sigma.plugins)
InvalidATTACKTagIssue (class in sigma.validators.core.tags)
InvalidD3FENDagIssue (class in sigma.validators.core.tags)
InvalidModifierCombinationsValidator (class in sigma.validators.core.modifiers)
InvalidNamespaceTagIssue (class in sigma.validators.core.tags)
InvalidPatternTagIssue (class in sigma.validators.core.tags)
InvalidTagFormatIssue (class in sigma.validators.core.tags)
InvalidTLPTagIssue (class in sigma.validators.core.tags)
is_compatible() (sigma.plugins.SigmaPlugin method)
is_keyword() (sigma.rule.SigmaDetectionItem method)
IsNullCondition (class in sigma.processing.conditions)
IsSigmaCorrelationRuleCondition (class in sigma.processing.conditions)
IsSigmaRuleCondition (class in sigma.processing.conditions)
J
JSONFinalizer (class in sigma.processing.finalization)
L
list_pipelines() (sigma.processing.resolver.ProcessingPipelineResolver method)
load_ruleset() (sigma.collection.SigmaCollection class method)
LogsourceCondition (class in sigma.processing.conditions)
M
MapStringTransformation (class in sigma.processing.transformations)
match_detection_item() (sigma.processing.pipeline.ProcessingItem method)
match_field_in_value() (sigma.processing.pipeline.ProcessingItem method)
match_field_name() (sigma.processing.pipeline.ProcessingItem method)
MatchStringCondition (class in sigma.processing.conditions)
merge() (sigma.collection.SigmaCollection class method)
ModifierAppliedMultipleIssue (class in sigma.validators.core.modifiers)
module
sigma.validators.core.condition
sigma.validators.core.metadata
sigma.validators.core.modifiers
sigma.validators.core.tags
sigma.validators.core.values
N
NamespaceTagValidator (class in sigma.validators.core.tags)
NestedFinalizer (class in sigma.processing.finalization)
NestedProcessingTransformation (class in sigma.processing.transformations)
NestedQueryPostprocessingTransformation (class in sigma.processing.postprocessing)
not_equals_context_manager() (sigma.conversion.base.TextQueryBackend method)
NumberAsStringIssue (class in sigma.validators.core.values)
NumberAsStringValidator (class in sigma.validators.core.values)
P
postprocess() (sigma.rule.SigmaDetection method)
(sigma.rule.SigmaDetectionItem method)
postprocess_query() (sigma.processing.pipeline.ProcessingPipeline method)
ProcessingItem (class in sigma.processing.pipeline)
ProcessingPipeline (class in sigma.processing.pipeline)
ProcessingPipelineResolver (class in sigma.processing.resolver)
Q
QueryExpressionPlaceholderTransformation (class in sigma.processing.transformations)
QuerySimpleTemplateTransformation (class in sigma.processing.postprocessing)
QueryTemplateTransformation (class in sigma.processing.postprocessing)
quote_string() (sigma.conversion.base.TextQueryBackend method)
R
RegexTransformation (class in sigma.processing.transformations)
RemoveFieldTransformation (class in sigma.processing.transformations)
replace_placeholders() (sigma.types.SigmaString method)
replace_with_placeholder() (sigma.types.SigmaString method)
ReplaceQueryTransformation (class in sigma.processing.postprocessing)
ReplaceStringTransformation (class in sigma.processing.transformations)
resolve() (sigma.processing.resolver.ProcessingPipelineResolver method)
resolve_paths() (sigma.collection.SigmaCollection class method)
resolve_pipeline() (sigma.processing.resolver.ProcessingPipelineResolver method)
resolve_rule_references() (sigma.collection.SigmaCollection method)
RuleAttributeCondition (class in sigma.processing.conditions)
RuleContainsDetectionItemCondition (class in sigma.processing.conditions)
RuleFailureTransformation (class in sigma.processing.transformations)
RuleProcessingCondition (class in sigma.processing.conditions)
RuleProcessingItemAppliedCondition (class in sigma.processing.conditions)
RuleProcessingStateCondition (class in sigma.processing.conditions)
RuleTagCondition (class in sigma.processing.conditions)
S
SetCustomAttributeTransformation (class in sigma.processing.transformations)
SetFieldTransformation (class in sigma.processing.transformations)
SetStateTransformation (class in sigma.processing.transformations)
SetValueTransformation (class in sigma.processing.transformations)
sigma.validators.core.condition
module
sigma.validators.core.metadata
module
sigma.validators.core.modifiers
module
sigma.validators.core.tags
module
sigma.validators.core.values
module
SigmaBool (class in sigma.types)
SigmaCIDRExpression (class in sigma.types)
SigmaCollection (class in sigma.collection)
SigmaCompareExpression (class in sigma.types)
SigmaCompareExpression.CompareOperators (class in sigma.types)
SigmaDetection (class in sigma.rule)
SigmaDetectionItem (class in sigma.rule)
SigmaDetectionItemValidator (class in sigma.validators.base)
SigmaDetections (class in sigma.rule)
SigmaDetectionValidator (class in sigma.validators.base)
SigmaLevel (class in sigma.rule)
SigmaLogSource (class in sigma.rule)
SigmaNull (class in sigma.types)
SigmaNumber (class in sigma.types)
SigmaPlugin (class in sigma.plugins)
SigmaPluginDirectory (class in sigma.plugins)
SigmaQueryExpression (class in sigma.types)
SigmaRegularExpression (class in sigma.types)
SigmaRule (class in sigma.rule)
SigmaRuleTag (class in sigma.rule)
SigmaStatus (class in sigma.rule)
SigmaString (class in sigma.types)
SigmaStringValueValidator (class in sigma.validators.base)
SigmaTagValidator (class in sigma.validators.base)
SigmaValidationIssue (class in sigma.validators.base)
SigmaValidationIssueSeverity (class in sigma.validators.base)
SigmaValidator (class in sigma.validation)
SigmaValueValidator (class in sigma.validators.base)
startswith() (sigma.types.SigmaString method)
STPTagValidator (class in sigma.validators.core.tags)
T
TagFormatValidator (class in sigma.validators.core.tags)
TagPatternValidatorBase (class in sigma.validators.core.tags)
TemplateFinalizer (class in sigma.processing.finalization)
TextQueryBackend (class in sigma.conversion.base)
ThemConditionWithSingleDetectionIssue (class in sigma.validators.core.condition)
ThemConditionWithSingleDetectionValidator (class in sigma.validators.core.condition)
timestamp_part_mapping (sigma.conversion.base.TextQueryBackend attribute)
TLPTagValidator (class in sigma.validators.core.tags)
TLPTagValidatorBase (class in sigma.validators.core.tags)
TLPv1TagValidator (class in sigma.validators.core.tags)
TLPv2TagValidator (class in sigma.validators.core.tags)
to_dict() (sigma.rule.SigmaRule method)
to_plain() (sigma.rule.SigmaDetection method)
(sigma.rule.SigmaDetectionItem method)
(sigma.types.SigmaString method)
to_plain_regex() (sigma.types.SigmaString method)
to_regex() (sigma.types.SigmaString method)
track_field_processing_items() (sigma.processing.pipeline.ProcessingPipeline method)
Transformation (class in sigma.processing.transformations)
U
uninstall() (sigma.plugins.SigmaPlugin method)
upgrade() (sigma.plugins.SigmaPlugin method)
V
validate() (sigma.validators.base.SigmaDetectionValidator method)
(sigma.validators.base.SigmaTagValidator method)
(sigma.validators.core.condition.AllOfThemConditionValidator method)
(sigma.validators.core.condition.DanglingConditionValidator method)
(sigma.validators.core.condition.DanglingDetectionValidator method)
(sigma.validators.core.condition.ThemConditionWithSingleDetectionValidator method)
(sigma.validators.core.metadata.CustomAttributesValidator method)
(sigma.validators.core.metadata.DuplicateFilenameValidator method)
(sigma.validators.core.metadata.DuplicateReferencesValidator method)
(sigma.validators.core.metadata.DuplicateTitleValidator method)
(sigma.validators.core.metadata.FilenameLengthValidator method)
(sigma.validators.core.metadata.IdentifierExistenceValidator method)
(sigma.validators.core.metadata.IdentifierUniquenessValidator method)
(sigma.validators.core.tags.DuplicateTagValidator method)
validate_detection() (sigma.validators.base.SigmaDetectionItemValidator method)
(sigma.validators.base.SigmaDetectionValidator method)
validate_detection_item() (sigma.validators.base.SigmaDetectionItemValidator method)
(sigma.validators.base.SigmaValueValidator method)
(sigma.validators.core.modifiers.InvalidModifierCombinationsValidator method)
(sigma.validators.core.values.WildcardsInsteadOfModifiersValidator method)
validate_rule() (sigma.validation.SigmaValidator method)
validate_rules() (sigma.validation.SigmaValidator method)
validate_tag() (sigma.validators.base.SigmaTagValidator method)
(sigma.validators.core.tags.ATTACKTagValidator method)
(sigma.validators.core.tags.D3FENDTagValidator method)
(sigma.validators.core.tags.NamespaceTagValidator method)
(sigma.validators.core.tags.TagFormatValidator method)
(sigma.validators.core.tags.TagPatternValidatorBase method)
(sigma.validators.core.tags.TLPTagValidatorBase method)
validate_value() (sigma.validators.base.SigmaValueValidator method)
(sigma.validators.core.values.ControlCharacterValidator method)
(sigma.validators.core.values.DoubleWildcardValidator method)
(sigma.validators.core.values.EscapedWildcardValidator method)
(sigma.validators.core.values.NumberAsStringValidator method)
value_linking (sigma.rule.SigmaDetectionItem attribute)
ValueListPlaceholderTransformation (class in sigma.processing.transformations)
W
WildcardInsteadOfEndswithIssue (class in sigma.validators.core.values)
WildcardInsteadOfStartswithIssue (class in sigma.validators.core.values)
WildcardPlaceholderTransformation (class in sigma.processing.transformations)
WildcardsInsteadOfContainsModifierIssue (class in sigma.validators.core.values)
WildcardsInsteadOfModifiersValidator (class in sigma.validators.core.values)
Y
YAMLFinalizer (class in sigma.processing.finalization)