This is the OSSEM pipeline for pySigma. It contains the ossem_to_sigma processing pipeline in sigma.pipelines.ossem,
that transforms Sigma rules written with the field naming and value formats defined in the OSSEM
project into the default Sigma taxonomy. Example:
title: Rule written with the OSSEM taxonomy.
status: stable
taxonomy: ossem
logsource:
category: process_creation
product: windows
detection:
sel:
process_command_line: whoami
process_file_name: whoami.exe
process_parent_file_name: httpd.exe
condition: selBy preprocessing this rule with the ossem_to_sigma pipeline it can be used like any other Sigma rule written in the
default Sigma taxonomy.
This backend is currently maintained by:
- tbd