Run Sigma Rules Anywhere!
Detection where you need it most.
It's a match!

What is sigmalite?

Sigmalite is a Go library that evaluates sigma rules. It is released under the Apache 2.0 license.

Why did we build sigmalite?

The sigma spec is well liked by security folks, but sigma rules have to be translated into a target SIEM format. Sigmalite lets you run sigma rules without translation, so they can be evaluated anywhere, not just in expensive proprietary SIEM products.

Where's the code?

The sigmalite source code is available on GitHub. You can find it here!

What sigma modifiers are supported by sigmalite?

We support all modifiers except for gt, gte, lt, lte, and the utf16 suite of modifiers.
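A pre-flight check for the modifier gap described above, as an added example (not code from sigmalite or RunReveal, and it does not call the sigmalite API): it scans rule text for field keys that use one of the listed modifiers so those rules can be set aside before loading. `UnsupportedModifiers`, `Finding` and `sampleRule` are hypothetical names, and reading "the utf16 suite" as `utf16`, `utf16le`, `utf16be` and `wide` is an assumption.

```go
package main

import (
	"bufio"
	"fmt"
	"regexp"
	"strings"
)

// unsupported holds the modifiers the page lists as not handled by sigmalite.
// Assumption: "the utf16 suite" means the spec's utf16, utf16le, utf16be, wide.
var unsupported = map[string]bool{
	"gt": true, "gte": true, "lt": true, "lte": true,
	"utf16": true, "utf16le": true, "utf16be": true, "wide": true,
}

// keyRe matches a YAML key such as "  Field|mod1|mod2:" (optionally quoted).
var keyRe = regexp.MustCompile(`^\s*(?:-\s+)?['"]?([\w.-]*(?:\|[A-Za-z0-9]+)+)['"]?\s*:`)

// Finding is one unsupported modifier and the rule line it appears on.
type Finding struct {
	Line          int
	Key, Modifier string
}

// UnsupportedModifiers reports each field key using a modifier from the set above.
func UnsupportedModifiers(rule string) []Finding {
	var out []Finding
	sc := bufio.NewScanner(strings.NewReader(rule))
	for n := 1; sc.Scan(); n++ {
		if m := keyRe.FindStringSubmatch(sc.Text()); m != nil {
			for _, mod := range strings.Split(m[1], "|")[1:] {
				if unsupported[strings.ToLower(mod)] {
					out = append(out, Finding{n, m[1], mod})
				}
			}
		}
	}
	return out
}

// sampleRule is a constructed detection fragment, not a published rule.
const sampleRule = `detection:
  selection:
    Image|endswith: '\powershell.exe'
    CommandLine|wide|base64offset|contains: 'http'
    EventCount|gte: 5`

func main() { fmt.Println(UnsupportedModifiers(sampleRule)) }
```

The scan is line-based and only looks at mapping keys, so it is a quick filter over a rule directory rather than a full YAML parse.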

What sigma conditions are supported by sigmalite?

RunReveal