Script does not work #19
Comments
|
I won't be getting back to this for a while most likely. That file its complaining about is a file used for tracking rules from one run of the script to another. You can try deleting it, no idea if that will fix it though. |
|
Hello bro, I deleted it but it is not working :( What should the file contain? Do you have a copy? |
|
Took a quick look, found an unfinished sigma rule from their repo was breaking things. Added a catch to ignore broken rules. Please note though that this script may never be able to convert all the logic in all sigma rules correctly. In other words, a rule may convert without error but the logic could be wrong in the Wazuh rule(s). The conversion can be very complex for some Wazuh rules and I'm not sure I can or have the time to figure it out 100%. |
|
The script is working fine now. Thank you bro, Great job. |
Hello bro,
The script sigma_to_wazuh.py does not work. I tried using different machines and python versions. Here is the error:
[root@localhost sigma_to_wazuh]# python3 sigma_to_wazuh.py
[!] ERROR loading rule id tracking file: ./rule_ids.json
Traceback (most recent call last):
File "sigma_to_wazuh.py", line 961, in
main()
File "sigma_to_wazuh.py", line 935, in main
conditions = convert.fixup_condition(sigma_rule['detection']['condition'])
TypeError: string indices must be integers
Possible to fix the script plz?
Regards,
The text was updated successfully, but these errors were encountered: