SIgma rules for Elastic SIEM

kmz161 · March 26, 2021, 8:42am

Hello!

I need to use Sigma rules repo for my SIEM.
How I can translate sigma to elastic? And how I can perform auto update sigma rules?

dplumlee · March 26, 2021, 8:26pm

Hi @kmz161

We don't currently offer native support for rule converting like that, but there are some 3rd party tools such as 3CoreSec that would be exactly what you're looking for

austinsonger · March 28, 2021, 5:24pm

You can start here

kmz161 · March 29, 2021, 7:39am

Hello!

Thanks for answer!

Felix_Roessel · April 3, 2021, 4:42am

I've added a first set of Sigma rules here.. more to follow:

Topic		Replies	Views
Sigma detection rules pipeline Elastic Security detection-rules	1	1097	April 25, 2024
Upgrading/Updating SIEM rules SIEM	3	627	March 24, 2022
SIEM open rules Elastic Security	3	701	October 7, 2021
Update detection rules from elastic github repository to on-premises SIEM	3	736	September 1, 2020
SIEM prebuilt rules SIEM	3	824	June 30, 2021

SIgma rules for Elastic SIEM

Related topics