Commits: tests/logsource.json - SigmaHQ/sigma

SigmaHQ / sigma UNCLAIMED

Main Sigma Rule Repository

0 0 0 Python

COMMITS

/ tests/logsource.json

master

January 24, 2026

Merge PR #5741 from @swachchhanda000 - Add Splunk Rules for MSIX/AppX

Swachchhanda Shrawan Poudel committed 2mo ago

77f4b0b

December 8, 2025

Merge PR #5793 from @nasbench - Rename Auditd Folder Entries and update SYSCALL field

Nasreddine Bencherchali committed 3mo ago

5656c48

November 21, 2025

Merge PR #5662 from @swachchhanda000 - Cisco ASA/FP SSL VPN Exploit (CVE-2025-20333 / CVE-2025-20362)

Swachchhanda Shrawan Poudel committed 4mo ago

64ba98e

November 1, 2025

Merge PR #5197 from @inthecyber - Add new Fortinet Fortigate rules

InTheCyber committed 4mo ago

4dfbd6b

October 23, 2025

Merge PR #5686 from @mm-abdelghani - Unsigned or Unencrypted SMB Connection to Share Established

mm-abdelghani committed 5mo ago

c470105

September 22, 2025

Merge PR #5175 from @netgrain - Add `WDAC Policy File Creation In CodeIntegrity Folder`

Andreas Braathen committed 6mo ago

35d80c3

June 11, 2025

Merge PR #5416 from @swachchhanda000 - Detection of SAP NetViewer CVE-2025-31324 exploitation via webserver logs

Swachchhanda Shrawan Poudel committed 9mo ago

73ce21b

October 6, 2024

Merge PR #4935 from @frack113 - Add new IIS logsource and related rules

frack113 committed 1y ago

c70fff4

May 10, 2024

Merge PR #4839 from @joshnck - Add `New RDP Connection Initiated From Domain Controller`

Josh committed 1y ago

0192a52

April 25, 2024

Merge PR #4825 from @netgrain - New analytic for CVE-2024-3400

Andreas Braathen committed 1y ago

2ef1a3b

April 24, 2024

Merge PR #4826 from @nasbench - Add coverage for CVE-2024-3400

Nasreddine Bencherchali committed 1y ago

b349447

April 17, 2024

Merge PR #4814 from @nikitah4x - Add new rule to detect MFA bypass in Cisco Duo

nikitah4x committed 1y ago

5b4bfd6

March 26, 2024

Merge PR #4694 from @LAripping - Add native Kubernetes detections

Leo Tsaousis committed 2y ago

0d63f52

March 8, 2024

Merge PR #4695 from @defensivedepth - Add new rules based on OpenCanary tooling

Josh Brower committed 2y ago

eac0426

February 26, 2024

Merge PR #4737 from @faisalusuf - Add New Bitbucket Related Rules

z00t committed 2y ago

dbdf7f2

February 8, 2024

Merge PR #4692 from @jstnk9 - Add new rules related to IExpress abuse

jstnk9 committed 2y ago

5fac8cb

Merge PR #4714 from @douglasrose75 - Add Rule Covering Exploitation Indicators For CVE 2022-42475

Douglas Rose committed 2y ago

a572fc5

November 6, 2023

Merge PR #4521 from @netgrain - Add New Rules Related To Pikabot

Andreas Braathen committed 2y ago

ea4d609

November 3, 2023

Merge PR #4538 from @frack113 - Add Sigma CLI Configuration File

frack113 committed 2y ago

271f972

October 23, 2023

Merge PR #4497 from @ts-lbf - New Rule Related To CVE-2023-20198 Exploitation

ts-lbf committed 2y ago

f928fcb

October 12, 2023

Merge PR #4476 from @nasbench - re-organize cloud folder and other things

Nasreddine Bencherchali committed 2y ago

7364ce0

September 18, 2023

Merge PR #4401 from @cyb3rjy0t - Add New O365 Related Rules

cyb3rjy0t committed 2y ago

229b70f

September 14, 2023

Merge PR #4445 from @MarkMorow - New Azure PIM Rules

Mark Morowczynski committed 2y ago

f28b89c

August 8, 2023

chore: change service name to lowercase

Nasreddine Bencherchali committed 2y ago

67d0d2a

Fix to pass the tests

frack113 committed 2y ago

a66b38d

May 18, 2023

feat: update logsource and rule

Nasreddine Bencherchali committed 2y ago

de9f3a3

May 8, 2023

Review Web logsource

frack113 committed 2y ago

c1a9712

April 11, 2023

feat: new rules, updates and fp fixes (#4162)

Nasreddine Bencherchali committed 3y ago

2710bf4

February 15, 2023

feat: add new application vulnerability rules (#4034)

Moti-H committed 3y ago

ff4242d

January 22, 2023

Small update

frack113 committed 3y ago

2bd14e4

January 21, 2023

feat: update logsource with new service

Nasreddine Bencherchali committed 3y ago

5416935

January 17, 2023

fix: broken logsource

Nasreddine Bencherchali committed 3y ago

1c34049

feat: update config files

Nasreddine Bencherchali committed 3y ago

e5fe4d5

January 13, 2023

Merge pull request #3925 from frack113/lsa-server

frack113 committed 3y ago

2b0b680

fix: apply suggestions from code review

Nasreddine Bencherchali committed 3y ago

c7f1f52

Add lsa-server

frack113 committed 3y ago

deeac89

Add UserName for taskscheduler

frack113 committed 3y ago

2be462d

January 11, 2023

feat: new rules related to appx packages

Nasreddine Bencherchali committed 3y ago

debd658

Merge pull request #3889 from frack113/iso_evtx

frack113 committed 3y ago

fbae1f3

January 10, 2023

Update logsource.json

frack113 committed 3y ago

5cff2d2

January 9, 2023

Add win_vhdmp_mount_iso

frack113 committed 3y ago

9b550f6

January 7, 2023

Filename normalisation

frack113 committed 3y ago

d6059d8

January 4, 2023

remove duplicate value

frack113 committed 3y ago

ed1a91b

update logsource

frack113 committed 3y ago

7d5fb8d

update logsource

frack113 committed 3y ago

756a248

January 2, 2023

feat: add bitlocker channel

Nasreddine Bencherchali committed 3y ago

3bd1255

Use W3C cs-uri-query

frack113 committed 3y ago

c62d624

Use W3C cs-uri-query

frack113 committed 3y ago

41c850e

Update W3C field name

frack113 committed 3y ago

a1a94a0

Update field name

frack113 committed 3y ago

8720356