^{Originally posted by mostafa July 19, 2023}
Hey @thomaspatzke,

I've been working on placeholders and found out that if a placeholder is defined in the rule, and there's no matching transformation in any of the provided pipelines, it'll be regarded as an unknown type and a TypeError is raised. The TypeError is caught by the general Exception block and returned with a generic message:

TypeError: unhashable type: 'Placeholder' (while applying processing pipeline on rule /path/to/some_rule.yml)

This is not very useful, so I suggest we catch the exception and modify this line to consider Placeholder a special object to return NO_VALUE_PROVIDED instead. This way, the query is safely converted, yet the value of the placeholder will be NO_VALUE_PROVIDED. I made two fixes to address this, and they more or less do the same thing:

1. https://github.com/mostafa/pySigma/tree/meaningful-placeholders-proposal-1
2. https://github.com/mostafa/pySigma/tree/meaningful-placeholders-proposal-2

I'd be very happy to have your feedback on this. (This look more like an issue, rather than an idea for discussion. 😁)

CC: @kelnage