Error while using sigmac #2217
I tried installing it but got an error while converting the rule using sigmac using this command:
python3 sigmac.py -t splunk -c tools/config/generic/sysmon.yml ./rules/windows/process_creation/win_susp_whoami.yml
Error: Failed to open Sigma configuration file tools/config/generic/sysmon.yml: [Errno 2] No such file or directory: 'tools/config/generic/sysmon.yml'
Answered by frack113, Oct 30, 2021
Ubuntu 20.04
frack113@frack113-virtual-machine:~/sigma/tools$ python3 sigmac -t splunk -c config/generic/sysmon.yml ../rules/windows/process_creation/win_susp_whoami.yml
(EventID="1" Image="*\\whoami.exe")
frack113@frack113-virtual-machine:~/sigma/tools$
frack113@frack113-virtual-machine:~/sigma/tools$ ./sigmac -t splunk -c config/generic/sysmon.yml ../rules/windows/process_creation/win_susp_whoami.yml
(EventID="1" Image="*\\whoami.exe")
frack113@frack113-virtual-machine:~/sigma/tools$

Windows 10
D:\rootme\sigma\tools>python -V
Python 3.8.1
D:\rootme\sigma\tools>python sigmac -t splunk -c config/generic/sysmon.yml ../rules/windows/process_creation/win_susp_whoami.yml
(EventID="1" Image="*\\whoami.exe")