Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Numbers Incorrectly Cast As Strings #1

Closed
7RedViolin opened this issue Jul 24, 2023 · 0 comments · Fixed by #2
Closed

[BUG] Numbers Incorrectly Cast As Strings #1

7RedViolin opened this issue Jul 24, 2023 · 0 comments · Fixed by #2
Assignees
@7RedViolin

Comments

@7RedViolin
Copy link
Owner

When using the sigma rule

title: Test Rule for System Process
status: test
logsource:
    category: process_creation
detection:
    sel:
        ProcessId: 4
    condition: sel

the resulting query is dataset=xdr_data | filter (event_type = ENUM.PROCESS and event_sub_type = ENUM.PROCESS_START) and (action_process_os_pid = "4")

This then throws the error Value 4 for operator = is invalid. expected number but received string
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@7RedViolin 7RedViolin

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix Numbers Incorrectly Cast as Strings 7RedViolin/pySigma-backend-cortexxdr
1 participant
@7RedViolin