Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/obviouslynotraffa/pysigma-backend-surrealql
pySigma backend for converting Sigma rules to SurrealQL queries
- Host: GitHub
- URL: https://github.com/obviouslynotraffa/pysigma-backend-surrealql
- Owner: obviouslynotraffa
- License: lgpl-3.0
- Created: 2024-10-11T20:24:48.000Z (3 months ago)
- Default Branch: main
- Last Pushed: 2024-11-27T22:30:58.000Z (about 1 month ago)
- Last Synced: 2024-11-27T23:25:43.278Z (about 1 month ago)
- Language: Python
- Homepage:
- Size: 69.3 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE
README
![Tests](https://github.com/obviouslynotraffa/pySigma-backend-surrealql/actions/workflows/test.yml/badge.svg)
![Coverage Badge](https://img.shields.io/endpoint?url=https://gist.githubusercontent.com/obviouslynotraffa/bc9e3d4a25bb853d09a254612c34aa9c/raw/obviouslynotraffa-pySigma-backend-surrealql.json)
![Status](https://img.shields.io/badge/Status-pre--release-orange)

# pySigma SurrealQL Backend
This is the SurrealQL backend for pySigma. It provides the package `sigma.backends.surrealql` with the `SurrealQLBackend` class.
This backend translates Sigma rules into SurrealQL syntax to execute queries in SurrealDB. It was developed using the features provided by SurrealDB version 2.0. It supports the following output formats:
* **default**: plain SurrealQL queries
This project is currently maintained by:
* [obviouslynotraffa](https://github.com/obviouslynotraffa/)
### Known issues/limitations
* This [issue](https://github.com/obviouslynotraffa/pySigma-backend-surrealql/issues/1)
* In the future, `AND` or `OR` lists could be converted into the `IN` operator, but this is not a priority for now
* In SurrealDB, it is necessary to create a specific index beforehand for full-text search functionality