Graylog and Sigma rules

Dfg · June 2, 2018, 5:46pm

Now I found the project Sigma (Generic Signature Format for SIEM Systems)

Graylog has support (convert generic Sigma rules into Graylog search queries)

What is the best way to load sigma rules for sysmon into the Graylog?
Create for example new stream “sigma-alert”.

jan · June 5, 2018, 6:51am

Sigma rules generate a search query to be used in Graylog.

You would just use the created searches on your already given data and might save them as ‘saved searches’

system · June 19, 2018, 6:51am

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Special Challenge: How to use #sigma rules Graylog Tech Challenges	4	1273	October 22, 2021
Graylog, sysmon and pipeline rules found on this forum (still applies ? ) Graylog Central (peer support) pipeline-rules , sidecar , winlogbeat	3	792	January 18, 2022
[Graylog (SIEM) Lookup Table + Threat Hunting] Free IoC database with more than 59 Million records to detect latest cyber threats Graylog Add-ons	3	583	January 27, 2023
SIEM open source and Graylog Graylog Central (peer support)	2	540	April 9, 2020
Graylog Office 365 Graylog Central (peer support)	8	1456	March 14, 2019