Expand description
Rule evaluation engine with logsource routing.
The Engine manages a set of compiled Sigma rules and evaluates events
against them. It supports optional logsource-based pre-filtering to
reduce the number of rules evaluated per event.
Structs§
- Engine
- The main rule evaluation engine.