OCSF-Logrrr/pysigma-pattern-match
pysigma-pattern-match


This repository is part of the WHS 3rd OCSF-based Security Log Integration and Analysis Project. It detects attacks by running Sigma rules (via PySigma) against OCSF logs stored in Elasticsearch, and uses Python scripts to analyze log patterns per IP address for behavior-based detection.

[Screenshot: 2025-08-04 10:21:12 AM]

Directory Structure

pysigma-pattern-match/
├── main.py           # main executable file
├── rule_manager.py   # Sigma rules dictionary management
├── state_tracker.py  # pattern-based detection
├── notifier.py       # manage Slack notifications
├── rules/            # Sigma rule .yml directory
├── patterns/         # pattern .json directory
└── README.md

3 directories, 24 files

Code Authors: @eoadkw, @Pandyo, @bsk2002

About

This repository contains the PySigma code for pattern-based detection of events matched by Sigma rules.
