Crate sigma_rust

sigma-rust is a library for parsing and checking Sigma rules against log events.

Structs

Event

The Event struct represents a log event.

Rule

The Rule struct implements the Sigma rule specification 2.0.0 released 08.08.2024.

Functions

check_rule

Check if a rule matches an event

event_from_json

Parse an event from a JSON string

events_from_json

Parse a list of events from a JSON string

rule_from_yaml

Parse a rule from a YAML string