Commit

Merge pull request SigmaHQ#1477 from wagga40/master
Resolves SigmaHQ#1450 - Bug in es-rule backend when using "-r" argument
Neo23x0 authored May 14, 2021
2 parents bd81adc + 534898a commit 6912836
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions tools/sigma/backends/elasticsearch.py
Expand Up @@ -1381,6 +1381,8 @@ def create_rule(self, configs, index):
rule.update({"threshold": self.rule_threshold})
if references:
rule.update({"references": references})
self.rule_type = "query"
self.rule_threshold = {}
return json.dumps(rule)

class KibanaNdjsonBackend(ElasticsearchQuerystringBackend, MultiRuleOutputMixin):
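
Review bot: The reset of `self.rule_type` and `self.rule_threshold` sits directly before `return json.dumps(rule)`, so it only runs when `create_rule` reaches this final return; an exception or any earlier exit from the method would leave the previous rule's type and threshold on the backend instance for the next rule converted under `-r`. Consider setting both to their defaults at the start of per-rule processing, or keeping them as locals in the code that builds the rule, so that no state is shared between rules. The literals `"query"` and `{}` presumably mirror defaults set elsewhere in the class (not visible in this hunk), so a single reset helper or shared constants would keep them from drifting apart. A regression test that converts two rules in one run, one that sets a threshold followed by one that does not, would pin down the behaviour reported in SigmaHQ#1450.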