Releases: SigmaHQ/pySigma
v0.11.21
What's Changed
- Propagate errors from SigmaRule to SigmaCollection by @thomaspatzke in #348
- Updated dependencies
Full Changelog: v0.11.20...v0.11.21
Contributors
Assets 2
v0.11.20
What's Changed
- [Sigma Filters] Fixes a bug in condition matching logic by @sifex in #323
- Backport of time modifiers by @thomaspatzke in #337
Full Changelog: v0.11.19...v0.11.20
Contributors
Assets 2
v0.11.19
What's Changed
- Pipeline condition expressions by @thomaspatzke in #254
Full Changelog: v0.11.18...v0.11.19
Contributors
Assets 2
v0.11.18
What's Changed
- Fix: TextQueryBackend chained correlation rules by @m4dh4t in #293
- Added new transformation for creating new fields from Hashes field by @slincoln-systemtwo in #294
- Fix: Allow also Number in Backend Class-Names by @andurin in #295
- Pass backend options to pipeline by @thomaspatzke in #296
Full Changelog: v0.11.17...v0.11.18
Contributors
Assets 2
v0.11.17
What's Changed
- Remove optional fields validator by @frack113 in #281
- String pattern to regular expression conversion by @thomaspatzke in #287
- Introduced interpret_special option to ReplaceStringTransformation by @thomaspatzke in #288
- fix compat with pyparsing 3.2 by @branchvincent in #289
- Python 3.8 EOL by @frack113 in #286
- Additional escape characters in SigmaString.to_regex() by @thomaspatzke in #291
- Allow special characters in startswith, endswith, and contains expressions by @thomaspatzke in #292
New Contributors
- @branchvincent made their first contribution in #289
Full Changelog: v0.11.16...v0.11.17
Contributors
Assets 2
v0.11.16
What's Changed
- Fix Correlation rules finalization by @m4dh4t in #278
- Remove optional fields validator by @frack113 in #281
- Preserve placeholder in ReplaceStringTransformation by @thomaspatzke in #285
- String pattern to regular expression conversion by @thomaspatzke in #287
- Introduced interpret_special option to ReplaceStringTransformation by @thomaspatzke in #288
New Contributors
Full Changelog: v0.11.14...v0.11.16
Contributors
Assets 2
v0.11.15
Ignore this release, it's incomplete. Use v0.11.16 instead!
v0.11.14
What's Changed
- Implement Correlation rules log source condition by @kelnage in #274
- RuleContainsFieldCondition/contains_field by @thomaspatzke in #276
Full Changelog: v0.11.13...v0.11.14
Contributors
Assets 2
v0.11.13
Reversion of Breaking Change
This release reverts a breaking change from v0.11.12 that restricted ReplaceStringTransformation/replace_string to plain SigmaString parts. The old behavior is often used by backends to remove unneeded wildcards. The transformation now allows to switch the behavior to plain string parts with the skip_special option that is disabled by default.
What's Changed
- Taking into account Specification V2 by @frack113 in #269
- Fix ReplaceStringTransformation and SigmaString plain string conversion by @thomaspatzke in #273
Full Changelog: v0.11.12...v0.11.13
Contributors
Assets 2
v0.11.12
Breaking Change
This release introduced a breaking change with the ReplaceStringTransformation/replace_string that restricts replacements to plain SigmaString parts to fix an issue. The fix is reverted in the pySigma release v0.11.13 and allows to swithc to the new behavior. Therefore, it is highly recommended to use the new release to implement pipelines.
What's Changed
- Nested processing pipelines by @thomaspatzke in #270
Full Changelog: v0.11.11...v0.11.12