From 64d7075268e0255d87f5500353bc8ab1a5d37c58 Mon Sep 17 00:00:00 2001
From: pex7hfbnt <1584881064@qq.com>
Date: Wed, 16 Oct 2024 23:35:26 +0800
Subject: [PATCH] ADD file via upload
---
source/Get_Latest_Sigma_Rules.sh | 11 +++++++++++
1 file changed, 11 insertions(+)
create mode 100644 source/Get_Latest_Sigma_Rules.sh
diff --git a/source/Get_Latest_Sigma_Rules.sh b/source/Get_Latest_Sigma_Rules.sh
new file mode 100644
index 0000000..9a7974a
--- /dev/null
+++ b/source/Get_Latest_Sigma_Rules.sh
@@ -0,0 +1,11 @@
+#!/bin/bash
+echo "Getting Sigma Converter Toot"
+git clone https://github.com/SigmaHQ/legacy-sigmatools.git
+echo "Getting Sigma Rules"
+git clone https://github.com/SigmaHQ/sigma.git
+echo "Converting sigma rules "
+
+legacy-sigmatools/tools/sigmac --recurse --target sqlite --backend-option table=Events --output-format json -d sigma/rules/windows/ -c lib/config/sigma-converter-rules-config.yml -o rules.json --output-fields title,id,description,author,tags,level,falsepositives,filename,status
+
+
+echo "Rules created with file name : rules.json "
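Review bot: Neither `git clone` is checked or pinned, so the script runs `legacy-sigmatools/tools/sigmac` and converts `sigma/rules/windows/` from whatever the two default branches hold at run time. On a second run the clones fail because the directories already exist, yet the script carries on with the stale checkouts and still prints "Rules created". Add `set -euo pipefail` below the shebang so a failed clone or conversion stops the script, and pin both sources, e.g. `git clone --depth 1 --branch <PINNED_TAG> https://github.com/SigmaHQ/sigma.git`, so a reviewed revision is what gets executed and the generated rules are reproducible. The `-c lib/config/sigma-converter-rules-config.yml` path is relative, so the script presumably has to be started from the repository root; a comment saying so would help. The first message also reads "Toot" where "Tool" is presumably meant.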