
pySigma Sysmon Processing Pipeline

This is the Sysmon processing pipeline for pySigma. It provides the package sigma.pipeline.sysmon with the sysmon_pipeline function that returns a ProcessingPipeline object.

Currently the pipeline adds support for the following event types (Sigma logsource category to EventID mapping):

  • process_creation: 1
  • file_change: 2
  • network_connection: 3
  • process_termination: 5
  • sysmon_status: 4,16
  • driver_load: 6
  • image_load: 7
  • create_remote_thread: 8
  • raw_access_thread: 9
  • process_access: 10
  • file_event: 11
  • registry_add: 12
  • registry_delete: 12
  • registry_set: 13
  • registry_rename: 14
  • registry_event: 12,13,14
  • create_stream_hash: 15
  • pipe_created: 17,18
  • wmi_event: 19,20,21
  • dns_query: 22
  • file_delete: 23,26
  • clipboard_capture: 24
  • process_tampering: 25
  • sysmon_error: 255
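To make the mapping above concrete, here is an added, stand-alone Python illustration of what a Sysmon processing pipeline does to a rule before a backend renders it. It is not code from pysigma-pipeline-sysmon and does not use the pySigma API: the rule is a plain dict (as it would be after loading the rule's YAML), the field name EventID is the Sysmon event-log field, and the function, constant and sample rule names are assumptions for this example. Only Windows rules whose logsource category is in the README's table are rewritten; everything else is returned unchanged so another pipeline can handle it. Categories that map to several EventIDs (registry_event, wmi_event, ...) become a list, which a backend would render as an OR over the IDs.

```python
from copy import deepcopy

# Sigma logsource category -> Sysmon EventID(s), exactly as listed in the README above.
SYSMON_EVENT_IDS = {
    "process_creation": [1],
    "file_change": [2],
    "network_connection": [3],
    "process_termination": [5],
    "sysmon_status": [4, 16],
    "driver_load": [6],
    "image_load": [7],
    "create_remote_thread": [8],
    "raw_access_thread": [9],
    "process_access": [10],
    "file_event": [11],
    "registry_add": [12],
    "registry_delete": [12],
    "registry_set": [13],
    "registry_rename": [14],
    "registry_event": [12, 13, 14],
    "create_stream_hash": [15],
    "pipe_created": [17, 18],
    "wmi_event": [19, 20, 21],
    "dns_query": [22],
    "file_delete": [23, 26],
    "clipboard_capture": [24],
    "process_tampering": [25],
    "sysmon_error": [255],
}

# Name of the selection the pipeline adds to the rule's detection section (assumed).
EVENTID_SELECTION = "sysmon_eventid"


def apply_sysmon_pipeline(rule: dict) -> dict:
    """Return a copy of `rule` rewritten to target the Sysmon event log.

    Rules that are not Windows rules, or whose category has no Sysmon
    equivalent, are returned as an untouched copy.
    """
    out = deepcopy(rule)
    logsource = out.get("logsource", {})
    if logsource.get("product") != "windows":
        return out
    event_ids = SYSMON_EVENT_IDS.get(logsource.get("category"))
    if event_ids is None:
        return out

    # Generic category -> concrete log source: the Sysmon operational log.
    out["logsource"] = {"product": "windows", "service": "sysmon"}

    # Restrict the detection to the mapped EventID(s); a single ID stays a
    # scalar, several IDs become a list (rendered as OR by a backend).
    detection = out.setdefault("detection", {})
    detection[EVENTID_SELECTION] = {
        "EventID": event_ids[0] if len(event_ids) == 1 else list(event_ids)
    }
    original = detection.get("condition", "selection")
    detection["condition"] = f"{EVENTID_SELECTION} and ({original})"
    return out


# Constructed sample rule: a generic Windows process_creation rule.
SAMPLE_RULE = {
    "title": "Example process creation rule (constructed)",
    "logsource": {"product": "windows", "category": "process_creation"},
    "detection": {
        "selection": {"Image|endswith": "\\example.exe"},
        "condition": "selection",
    },
}

if __name__ == "__main__":
    import json
    print(json.dumps(apply_sysmon_pipeline(SAMPLE_RULE), indent=2))
```

Running the block prints the transformed rule: the logsource now reads `product: windows, service: sysmon`, a `sysmon_eventid` selection with `EventID: 1` has been added, and the condition becomes `sysmon_eventid and (selection)`. A real backend would then render that as a query such as `EventID=1 AND Image endswith '\example.exe'` in its own syntax.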

This backend is currently maintained by:
