sigma-rust is a library for parsing and checking Sigma rules against log events.
Structs§
- Event - The Event struct represents a log event.
- Rule - The Rule struct implements the Sigma rule specification 2.0.0 released 08.08.2024.
Functions§
- check_rule - Check if a rule matches an event
- event_from_json - Parse an event from a JSON string
- events_from_json - Parse a list of events from a JSON string
- rule_from_yaml - Parse a rule from a YAML string