Open-Awesome
CategoriesAlternativesStacksSelf-HostedExplore
Open-Awesome

© 2026 Open-Awesome. Curated for the developer elite.

TermsPrivacyAboutGitHubRSS
  1. Home
  2. Detection Engineering
  3. Sigma2KQL

Sigma2KQL

Python2025_11_2_Sigma2KQL

Automatically converts Sigma detection rules to Kusto Query Language (KQL) for Microsoft Defender and Sentinel.

Visit WebsiteGitHubGitHub
3 stars0 forks0 contributors

Overview

Sigma Queries turned into KQL for Defender using pysigma - Automated

Quick Stats

Stars3
Forks0
Contributors0
Open Issues0
Last commit10 days ago
CreatedSince 2025

Tags

#detection-as-code#sigma-rules#security-automation#mitre-attack#security-operations#detection-engineering#threat-hunting#kql#threat-detection

Built With

P
Python

Links & Resources

Website

Included in

Security14.2kDetection Engineering1.2k
Auto-fetched 6 days ago

Related Projects

wazuhwazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Stars16,003
Forks2,362
Last commit6 days ago
opensnitchopensnitch

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

Stars13,841
Forks647
Last commit16 days ago
Sigma RulesSigma Rules

Main Sigma Rule Repository

Stars10,681
Forks2,672
Last commit6 days ago
Elastic Detection RulesElastic Detection Rules

Detection Rules is the official repository for the rules used by Elastic Security's Detection Engine. It provides a comprehensive toolkit for security teams to develop, validate, test, and release detection logic in a structured, code-driven manner. This approach enables version control, automated testing, and streamlined integration with the Elastic SIEM. ## Key Features - **Rule Development & Management** — Python module for parsing, validating, and packaging detection rules from TOML files. - **Detections as Code (DaC)** — Full pipeline and CLI tools to manage rules with version control and automated workflows. - **Unit Testing Framework** — Integrated Python testing suite to validate rule logic and ensure reliability. - **Kibana Integration** — Library for API calls to Kibana and the Detection Engine for seamless rule deployment. - **KQL Validation** — Library for parsing and validating Kibana Query Language used in rule conditions. - **Threat Hunting Packages** — Dedicated directory for storing and managing threat hunting queries and packages. ## Philosophy The project embraces a Detections-as-Code philosophy, treating security rules as software artifacts to improve maintainability, collaboration, and automation in threat detection.

Stars2,629
Forks674
Last commit6 days ago
Community-curated · Updated weekly · 100% open source

Found a gem we're missing?

Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.

Submit a projectStar on GitHub