chore: Update tests to pySigma 0.10.9 #4591

Merged
merged 9 commits into from
Nov 27, 2023
68 changes: 34 additions & 34 deletions .github/workflows/greetings.yml
@@ -1,34 +1,34 @@
name: Auto message for PR's and Issues

on: [pull_request_target, issues]

jobs:
build:
name: Hello new contributor
runs-on: ubuntu-latest
steps:
- uses: actions/first-interaction@v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
issue-message: |-
Welcome @${{github.actor}} :wave:

It looks like this is your first issue on the Sigma rules repository!

The following repository accepts issues related to `false positives` or 'rule ideas'.

If you're reporting an issue related to the pySigma library please consider submitting it [here](https://github.com/SigmaHQ/pySigma)

If you're reporting an issue related to the deprecated sigmac library please consider submitting it [here](https://github.com/SigmaHQ/legacy-sigmatools)

Thanks for taking the time to open this issue, and welcome to the Sigma community! :smiley:


pr-message: |-
Welcome @${{github.actor}} :wave:

It looks like this is your first pull request on the Sigma rules repository!

Please make sure to read the [SigmaHQ conventions](https://github.com/SigmaHQ/sigma-specification/blob/main/sigmahq/sigmahq_conventions.md) document to make sure your contribution is adhering to best practices and has all the necessary elements in place for a successful approval.

Thanks again, and welcome to the Sigma community! :smiley:
#name: Auto message for PR's and Issues
#
#on: [pull_request_target, issues]
#
#jobs:
# build:
# name: Hello new contributor
# runs-on: ubuntu-latest
# steps:
# - uses: actions/first-interaction@v1
# with:
# repo-token: ${{ secrets.GITHUB_TOKEN }}
# issue-message: |-
# Welcome @${{github.actor}} :wave:
#
# It looks like this is your first issue on the Sigma rules repository!
#
# The following repository accepts issues related to `false positives` or 'rule ideas'.
#
# If you're reporting an issue related to the pySigma library please consider submitting it [here](https://github.com/SigmaHQ/pySigma)
#
# If you're reporting an issue related to the deprecated sigmac library please consider submitting it [here](https://github.com/SigmaHQ/legacy-sigmatools)
#
# Thanks for taking the time to open this issue, and welcome to the Sigma community! :smiley:
#
#
# pr-message: |-
# Welcome @${{github.actor}} :wave:
#
# It looks like this is your first pull request on the Sigma rules repository!
#
# Please make sure to read the [SigmaHQ conventions](https://github.com/SigmaHQ/sigma-specification/blob/main/sigmahq/sigmahq_conventions.md) document to make sure your contribution is adhering to best practices and has all the necessary elements in place for a successful approval.
#
# Thanks again, and welcome to the Sigma community! :smiley:
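Review bot: All 34 lines of .github/workflows/greetings.yml are replaced by commented-out copies, which is unrelated to the PR title ("Update tests to pySigma 0.10.9") and leaves a dead workflow file in the tree. If the greeting is meant to stay off, delete the file or disable the workflow, and give the reason in the commit message. If it is meant to come back later, note that it triggers on `pull_request_target`, passes `secrets.GITHUB_TOKEN`, and references `actions/first-interaction@v1` by tag; pinning the action to a commit SHA and declaring a minimal `permissions:` block would be worth doing when it is restored.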
Expand Up @@ -12,6 +12,7 @@ tags:
- attack.defense_evasion
- attack.privilege_escalation
- attack.t1134.001
- stp.4u
logsource:
product: windows
service: security
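Review bot: The new `- stp.4u` entry in `tags:` changes rule content in a PR whose title only mentions updating tests, and nothing in the hunk says how the value was chosen. Please state in the PR description that these rule edits accompany the `stptag` validator enabled in tests/sigma_cli_conf.yml, and record how the `4u` score was assessed for this `service: security` rule so a later reviewer can check it.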
Expand Up @@ -17,6 +17,7 @@ tags:
- attack.defense_evasion
- attack.privilege_escalation
- attack.t1055
- stp.1k
logsource:
product: windows
category: pipe_created
Expand Up @@ -13,6 +13,7 @@ date: 2021/12/30
tags:
- attack.persistence
- attack.t1574.011
- stp.2a
logsource:
product: windows
category: ps_script
Expand Up @@ -15,6 +15,7 @@ modified: 2023/01/30
tags:
- attack.execution
- attack.t1059.003
- stp.1u
logsource:
category: process_creation
product: windows
Expand Up @@ -24,6 +24,7 @@ tags:
- attack.t1087.002
- attack.t1482
- attack.t1069.002
- stp.1u
logsource:
category: process_creation
product: windows
Expand Up @@ -12,6 +12,7 @@ tags:
- attack.t1053.005
- attack.s0111
- car.2013-08-001
- stp.1u
logsource:
category: process_creation
product: windows
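Review bot: `- stp.1u` here is the third identical value added to a `process_creation` rule in this PR, on rules tagged with different techniques (`attack.t1059.003`, `attack.t1087.002`, and `attack.t1053.005` in this hunk). Please confirm each rule was scored individually rather than given a default per log source; if the value is a placeholder to exercise the validator, say so in the PR description so it is not read as an assessed score.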
7 changes: 7 additions & 0 deletions tests/sigma_cli_conf.yml
Expand Up @@ -2,7 +2,11 @@ validators:
- all_of_them_condition
- attacktag
- cartag
- custom_attributes
- cvetag
- date_existence
- description_existence
- description_length
- detection_tag
- duplicate_filename
- duplicate_references
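Review bot: The hunk header shows four validator names added to this list, and the PR title ties them to pySigma 0.10.9, but nothing in the file records that minimum version. Please confirm the CI job that consumes tests/sigma_cli_conf.yml pins pySigma to at least that release, and consider a short comment above `validators:` naming the minimum version, so an older install fails with an obvious cause rather than an unknown-validator error.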
Expand All @@ -12,9 +16,12 @@ validators:
- filename_sigmahq
- identifier_existence
- identifier_uniqueness
- level_existence
- status_existence
- status_unsupported
- stptag
- tlptag

exclusions:
# escaped_wildcard
021310d9-30a6-480a-84b7-eaa69aeb92bb: escaped_wildcard
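Review bot: The file summary reports 7 additions, all accounted for by the two validator hunks (4 + 3), so no entries are added under `exclusions:` while the validator list grows. Please confirm the full rule set passes every newly enabled check with no exclusions needed, and mention in the PR description that checks such as `level_existence` and `status_existence` are now CI gates for contributors.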