Add Sigma Rule Id and description to results
jvmendezp opened this issue
jvmendezp commented
Hello, thanks a lot for this amazing product.
Currently, the Chainsaw result includes the name of the matched Sigma rule. Can you include the Sigma rule ID and description too?
Sigma ID is not a mandatory field according to https://github.com/SigmaHQ/sigma/wiki/Specification, but it could be nice to know more information about the match from the Sigma rule specification.
Thanks!
jvmendezp commented
Maybe we could set up what Sigma rule field should be in the response output using sigma-mapping.yml file
Alex Kornitzer commented
This is addressed in v2.0.0-alpha.0