Releases: SigmaHQ/pySigma-backend-elasticsearch
v2.0.2
What's Changed
- feat: Add macOS ESF pipeline (ecs_macos_esf) by @eric-nebulock in #171
- Fix SigmaNull conversion in ECS Windows pipeline by @vl43den in #174
New Contributors
- @eric-nebulock made their first contribution in #171
- @vl43den made their first contribution in #174
Full Changelog: v2.0.1...v2.0.2
v2.0.1
Fixed an issue in pySigma that caused wrong escaping of wildcards when the contains modifier is combined with processing pipelines that convert values to strings, such as the ECS pipelines.
Full Changelog: v2.0.0...v2.0.1
v2.0.0
What's Changed
- Build(deps-dev): Bump requests from 2.32.3 to 2.32.4 by @dependabot[bot] in #140
- Build(deps-dev): Bump pytest from 8.3.5 to 8.4.0 by @dependabot[bot] in #141
- Build(deps-dev): Bump pytest-cov from 6.1.1 to 6.2.1 by @dependabot[bot] in #142
- Build(deps-dev): Bump coverage from 7.8.0 to 7.9.1 by @dependabot[bot] in #143
- Build(deps-dev): Bump pytest from 8.4.0 to 8.4.1 by @dependabot[bot] in #145
- Build(deps): Bump urllib3 from 2.4.0 to 2.5.0 by @dependabot[bot] in #144
- Build(deps-dev): Bump coverage from 7.9.1 to 7.10.1 by @dependabot[bot] in #147
- Build(deps-dev): Bump coverage from 7.10.1 to 7.10.2 by @dependabot[bot] in #148
- Build(deps-dev): Bump coverage from 7.10.2 to 7.10.3 by @dependabot[bot] in #150
- ECS field typing and network direction transformation by @thomaspatzke in #151
- Build(deps-dev): Bump requests from 2.32.4 to 2.32.5 by @dependabot[bot] in #153
- Build(deps-dev): Bump coverage from 7.10.4 to 7.10.5 by @dependabot[bot] in #154
- Build(deps-dev): Bump coverage from 7.10.5 to 7.10.6 by @dependabot[bot] in #155
- Build(deps-dev): Bump pytest from 8.4.1 to 8.4.2 by @dependabot[bot] in #157
- Build(deps-dev): Bump pytest-cov from 6.2.1 to 7.0.0 by @dependabot[bot] in #158
- Build(deps-dev): Bump coverage from 7.10.6 to 7.10.7 by @dependabot[bot] in #159
- Build(deps): Bump pyyaml from 6.0.2 to 6.0.3 by @dependabot[bot] in #161
- Changed "license" to be user configurable instead of hardcoded by @sudo-d4s3 in #162
- Fixed typo that created issue when using the Zeek pipeline by @zerodavesec in #160
- Update to pySigma 1.0 by @thomaspatzke in #163
New Contributors
- @sudo-d4s3 made their first contribution in #162
- @zerodavesec made their first contribution in #160
Full Changelog: v1.1.6...v2.0.0
v1.2.0rc1
What's Changed
- Updated to pySigma 1.0.0rc2
- Updated dependencies
- ECS field typing and network direction transformation by @thomaspatzke in #151
Full Changelog: v1.1.6...v1.2.0rc1
v1.1.6
What's Changed
- Build(deps-dev): Bump coverage from 7.6.7 to 7.6.8 by @dependabot in #100
- Build(deps-dev): Bump pytest from 8.3.3 to 8.3.4 by @dependabot in #101
- Build(deps-dev): Bump pylint from 3.3.1 to 3.3.2 by @dependabot in #102
- Feat: Better transformation of informational rules by @andurin in #105
- Feat: Add EQL ndjson postprocessing pipeline by @Mat0vu in #104
- Build(deps-dev): Bump coverage from 7.6.8 to 7.6.9 by @dependabot in #106
- ESQL: flatten list of indices before converting to string by @Mat0vu in #108
- Build(deps-dev): Bump coverage from 7.6.9 to 7.6.10 by @dependabot in #110
- Build(deps-dev): Bump pylint from 3.3.2 to 3.3.3 by @dependabot in #111
- Build(deps): Bump jinja2 from 3.1.4 to 3.1.5 by @dependabot in #112
- feat: ✨ Add exists modifier for lucene by @frack113 in #117
- Build(deps-dev): Bump autopep8 from 2.3.1 to 2.3.2 by @dependabot in #115
- Build(deps): Bump pysigma from 0.11.18 to 0.11.19 by @dependabot in #114
- Update PowerShell Payload Data Mapping by @dfiredit1337 in #120
- Build(deps-dev): Bump coverage from 7.6.11 to 7.6.12 by @dependabot in #122
- Build(deps-dev): Bump pytest from 8.3.4 to 8.3.5 by @dependabot in #123
- Build(deps): Bump jinja2 from 3.1.5 to 3.1.6 by @dependabot in #124
- Build(deps-dev): Bump coverage from 7.6.12 to 7.7.0 by @dependabot in #126
- Build(deps-dev): Bump coverage from 7.7.0 to 7.8.0 by @dependabot in #129
- Build(deps-dev): Bump pytest-cov from 6.0.0 to 6.1.1 by @dependabot in #132
- Build(deps): Bump pysigma from 0.11.19 to 0.11.20 by @dependabot in #131
- Update workflows version by @frack113 in #135
- Build(deps): Bump pysigma from 0.11.22 to 0.11.23 by @dependabot in #137
- refactor(elastalert): add yaml validation by @kurisukun in #136
- Version bump by @andurin in #138
Full Changelog: v1.1.5...v1.1.6
v1.1.5
What's Changed
- Build(deps-dev): Bump coverage from 7.6.4 to 7.6.7 by @dependabot in #98
- Add ElastalertBackend for sigma cli by @frack113 in #97
Full Changelog: v1.1.4...v1.1.5
v1.1.4
What's Changed
- Fix: Added postprocessing pipelines to README by @andurin in #92
- Build(deps-dev): Bump pytest-cov from 5.0.0 to 6.0.0 by @dependabot in #93
- Add ES|QL siem_rule_ndjson template by @Mat0vu in #94
- Improve siem_rule_ndjson postprocessing pipeline in README by @Mat0vu in #96
- Feat: elastalert backend by @kurisukun in #95
New Contributors
- @kurisukun made their first contribution in #95
Full Changelog: v1.1.3...v1.1.4
v1.1.3
What's Changed
- Defines 2 more fields in the Elastic K8S Integration by @LAripping in #79
- Fix: ES|QL index and metadata states by @m4dh4t in #77
- Fix: ES|QL correlations AttributeError and field existence by @m4dh4t in #82
- Update dependabot.yml by @andurin in #83
- Build(deps-dev): Bump pylint from 2.17.7 to 3.3.1 by @dependabot in #84
- Build(deps-dev): Bump pytest from 7.4.4 to 8.3.3 by @dependabot in #85
- Build(deps-dev): Bump pytest-cov from 4.1.0 to 5.0.0 by @dependabot in #86
- Build(deps-dev): Bump coverage from 6.5.0 to 7.6.4 by @dependabot in #87
- Fix ES|QL siem_rule_ndjson Detection Rule Import into Kibana by @Mat0vu in #88
- Build(deps): Bump pysigma from 0.11.17 to 0.11.18 by @dependabot in #89
- Fix: EQL Double quotation issue by @andurin in #90
- Version Bump by @andurin in #91
New Contributors
- @dependabot made their first contribution in #84
- @Mat0vu made their first contribution in #88
Full Changelog: v1.1.2...v1.1.3
v1.1.2
What's Changed
- Fix: Feature not supported on fieldref modifier by @andurin in #64
- Completes integration of kubernetes pipeline by @LAripping in #68
- Feat: Add Elastic Security rules and Kibana saved object support for ES|QL by @m4dh4t in #67
- Enabling Index selection for SIEM NDJSON Policies by @WildDogOne in #69
New Contributors
- @m4dh4t made their first contribution in #67
- @WildDogOne made their first contribution in #69
Full Changelog: v1.1.1...v1.1.2
v1.1.1
What's Changed
- Fix 'or' based handling of windash and base64 modifier
- Add escape to all ':' in cidr for ipv6 by @gregorywychowaniec-zt in #60
- Fix language and type typo for EQL by @webhead404 in #61
- Update mapping for Imphash by @dfiredit1337 in #63
New Contributors
- @gregorywychowaniec-zt made their first contribution in #60
- @webhead404 made their first contribution in #61
- @dfiredit1337 made their first contribution in #63
Full Changelog: v1.1.0...v1.1.1