This commit was created on GitHub.com and signed with GitHub’s verified signature.
Support for more output languages
Added support for Graylog
Improvements in translation quality
Added escaping mechanisms for the following platforms both as input and output: Splunk, CrowdStrike, Elastic Stack, Falcon LogScale, Microsoft Sentinel, IBM QRadar, Chronicle Security, AWS OpenSearch
The author and license of the source rule are now added as a comment to its translation if there's no description field
Roota:
Added parsing of Splunk keywords without quotes and fixed known issues with keywords
Added support for the != operator in Splunk queries and improved the logic of processing other operators
Improved translation of Roota with a Splunk query into Falcon LogScale by adding quotes to the values in table functions
Fixed an issue where the same default mapping could be applied for any output language
Sigma:
Fixed an issue where the level field was translated incorrectly for some platforms