Crate sigmars

Sigma rule parsing and evaluation

Provides parsing and evaluation of a collection of Sigma rules against log events

Re-exports

pub use event::Event;

pub use rule::SigmaRule;

Modules

event

rule

Structs

MemBackend

An in-memory backend for correlation rules

SigmaCollection

A collection of Sigma rules, with dependency resolution and log source filtering

Traits

Backend

A backend for RuleState

RuleState

manages the state of a correlation rule