Introduction
Registration
Pre-Requirements & Initial Troubleshooting
Getting Started
Administration Guide
Troubleshooting
Release Notes
Page

Powered by GitBook

On this page

Was this helpful?

Administration Guide

Rules & Policies

SIGMA/YARA Rules

PreviousPolicy Management NextArtifact Collection Parameters

Last updated 4 months ago

SIGMA and YARA rules are managed from this section. Rules can be cloned for editing or new ones can be created.

SIGMA Rules: Sigma rules are managed from this section. The users can edit, clone, or define a new rule in this section. Also, users can import/export rules and force them to run.

Windows YARA Rules: Windows YARA Rules are managed from this section. The users can edit or define a new rule in this section. Also, users can import/export rules.

Convert Rule: This section allows users to convert their sysmon rules for CyberCyte to use it. If the users are already using sysmon, this section will be helpful.