Sigma rules for Elastic SIEM


I need to use the Sigma rules repo for my SIEM.
How can I translate Sigma to Elastic? And how can I auto-update Sigma rules?

Hi @kmz161

We don't currently offer native support for rule converting like that, but there are some 3rd-party tools, such as 3CoreSec, that would be exactly what you're looking for.

You can start here


Thanks for the answer!

I've added a first set of Sigma rules here. More to follow:
