Tags · killvxk/Zircolite

1.4.0

Added the ability to filter events by date, and to filter rule by name

Updated readme & rulesets

Jun 19, 2021
423f13e
zip
tar.gz

1.3.5

Changed event forwarding. It is now possible to forward to Splunk HEC

Changed Field names to keep case
Added a "showall" option to view all executed rules
Removed "fields" option
Added a "stream" option to forward event after each detection
Updated readme with Splunk HEC

Jun 6, 2021
26cafdb
zip
tar.gz

1.3.1

Updated rules

May 26, 2021
c5032cc
zip
tar.gz

1.3.0

Updated rulesets

May 20, 2021
6d36486
zip
tar.gz

1.3.0b

Changed the file filters functionality (new args : select & avoid)

Updated the readme with details on file filters

May 19, 2021
7fc8fd4
zip
tar.gz

1.2.5

Updated sigmac config & updated rules

Updated rules readme
Bump version to 1.2.5

May 16, 2021
ca09987
zip
tar.gz

1.2.3

Corrected results for rules with aggregate, updated rules

May 11, 2021
c707f80
zip
tar.gz

1.2.2

Updated rules with last sigma repo update

May 5, 2021
d7caced
zip
tar.gz

1.2.1

Updated SIGMAC config files and rules. Removed a lot of false positive

Apr 30, 2021
6ca14a2
zip
tar.gz

1.2.0

Moved zircolite_mp

Apr 18, 2021
2a2f8f6
zip
tar.gz

Previous Next

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

1.4.0

1.3.5

1.3.1

1.3.0

1.3.0b

1.2.5

1.2.3

1.2.2

1.2.1

1.2.0

Tags: killvxk/Zircolite