v3.0.0

What's Changed

• Appending functionality to detect product: macos by @IzzyBoop in #22
• Updated to pySigma 1.0

New Contributors

• @IzzyBoop made their first contribution in #22

Full Changelog: v2.0.1...v3.0.0

v2.1.0rc1

Update to pySigma 1.0.0rc1 with minor refactoring to establish compatibility.

v2.0.1

What's Changed

• Escape curly brackets by @moullos in #16
• Removing allowed backends by @moullos in #18
• Fix: preserve placeholders in fields with replacements by @thomaspatzke
• Fix: Trailing wildcards were escaped by string replacement if slash was contained at the end of the string by @thomaspatzke

Full Changelog: v2.0.0...v2.0.1

v2.0.0

What's Changed

• Logscale backend by @moullos
• Addition of LogScale pipeline and extension of pipelines by @thomaspatzke in #8
• FDR pipeline updates by @moullos in #9
• Amended escaped characters by @moullos in #12
• Fix to issue 12 by @moullos in #13

New Contributors

• @moullos made their first contribution in #9

Full Changelog: v1.0.3...v2.0.0

v1.0.3

Update to pySigma 0.11

Full Changelog: v1.0.2...v1.0.3

v1.0.2

Added SyntheticProcessRollup2 event type mapping of process creation events.

v1.0.1

Updated to pySigma 0.10

v1.0.0

• Added plugin metadata
• Relaxed ParentImage restriction: image path patterns without a slash are now allowed, e.g. *name.exe.

pySigma CrowdStrike Pipeline 0.1.8

Updated to pySigma 0.8.

pySigma CrowdStrike Pipeline 0.1.7

Updated to pySigma 0.7.