
Transform "sigma/rules/macos/file_event" Sigma rules to S1PQ #333


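name: Transform "sigma/rules/macos/file_event" Sigma rules to S1PQ

on:
  workflow_dispatch:
  schedule:
    - cron: "0 0 * * *" # Run once per day at midnight (GitHub cron runs in UTC)

jobs:
  run-python-script:
    runs-on: ubuntu-latest # Change value from 'self-hosted' to 'ubuntu-latest' if you want to host it on Github.
    # The job commits the generated rules back to this repository, so the job
    # token needs write access to repository contents; no other scope is granted.
    permissions:
      contents: write
    # These three values select the Sigma sub-tree that is converted and name the
    # output folder. They are job-level env, so every `run:` step reads them as
    # plain shell variables instead of `${{ env.* }}` template expansion.
    env:
      SIGMACATEGORY: "rules"
      PLATFORM: "macos"
      SIGMARULE: "file_event"
    steps:
      - name: Checkout code
        # <CHECKOUT_VERSION> is a placeholder: the version tag was garbled on the
        # page this was taken from. Pinning to a full commit SHA rather than a
        # moving tag is the more tamper-resistant choice for third-party actions.
        uses: actions/checkout@<CHECKOUT_VERSION>

      - name: Set up Python
        # <SETUP_PYTHON_VERSION> is a placeholder for the same reason as above.
        uses: actions/setup-python@<SETUP_PYTHON_VERSION>
        with:
          python-version: '3.12'

      - name: get sigma-cli
        # Unpinned install: the converted output depends on whichever sigma-cli
        # release PyPI serves on the day the schedule fires. Pinning the version
        # makes runs reproducible and reviewable.
        run: |
          python -m pip install sigma-cli

      - name: Install sigma-cli pipelines
        # Same remark as for sigma-cli: the backend plugin is not version-pinned.
        run: |
          sigma plugin install sentinelone-pq

      - name: Get Sigma repository
        # Only the current rule files are needed, not the upstream history, so a
        # shallow clone is sufficient and faster.
        run: |
          git clone --depth 1 https://github.com/SigmaHQ/sigma.git

      - name: Create destination folder 'S1PQ-${{ env.SIGMACATEGORY }}-${{ env.PLATFORM }}-${{ env.SIGMARULE }}'
        # Each step starts a fresh shell in the workspace, so a `cd` into the new
        # folder here would not carry over to later steps; only the mkdir matters.
        run: |
          mkdir -p "${GITHUB_WORKSPACE}/S1PQ-${SIGMACATEGORY}-${PLATFORM}-${SIGMARULE}"

      - name: Run 'sigma-to-s1pq-converter.py' script
        # Input: the selected rule directory of the freshly cloned upstream repo.
        # Output: the S1PQ-* folder created in the previous step.
        run: >-
          python sigma-to-s1pq-converter.py
          "sigma/${SIGMACATEGORY}/${PLATFORM}/${SIGMARULE}/"
          "S1PQ-${SIGMACATEGORY}-${PLATFORM}-${SIGMARULE}"

      - name: Pull latest changes
        # Bring the branch up to date before the commit step below; the commit
        # action performs the push itself, so no separate push step is needed
        # (a push with nothing committed yet would be a no-op anyway).
        run: git pull origin main

      - name: Commit and push translated file_event rules
        # NOTE(review): the upstream `sigma` clone now sits inside the workspace.
        # If this action adds all changed paths by default, confirm that the clone
        # is excluded (e.g. via its `file_pattern` input) so the nested repository
        # is not committed alongside the generated rules.
        uses: stefanzweifel/git-auto-commit-action@v5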