pySigma-backend-panther


- Name: pySigma-backend-panther
- Version: 0.2.7
- home_page: https://github.com/panther-labs/pySigma-backend-panther
- Summary: pySigma backend for Panther
- upload_time: 2025-04-02 14:13:57
- maintainer: Panther Labs Inc
- docs_url: None
- author: Panther Labs Inc
- requires_python: `<4.0,>=3.8`
- license: LGPL-3.0-only
- requirements: No requirements were recorded.
- Travis-CI: No Travis.
- coveralls test coverage: No coveralls.

# pySigma Panther Backend

[![Test](https://github.com/panther-labs/pySigma-backend-panther/actions/workflows/test.yml/badge.svg)](https://github.com/panther-labs/pySigma-backend-panther/actions/workflows/test.yml)

Detailed docs about converting Sigma rules for Panther can be found [here](https://docs.panther.com/panther-developer-workflows/converting-sigma-rules).

This is the `panther` backend for pySigma. It provides the package `sigma.backends.panther` with the `PantherBackend` class.

It supports the following output formats:

- default: [Panther Python Detections](https://docs.panther.com/detections/rules/python) format
- sdyaml (`-f sdyaml`): [Panther YAML Detections](https://docs.panther.com/detections/rules/yaml#simple-detections)

To save each rule in a separate file, use the `output_dir` backend option:

```bash
sigma convert -t panther path/to/rules -p panther -O output_dir=output/directory
```

or

```bash
sigma convert -t panther -f sdyaml path/to/rules -p panther -O output_dir=output/directory
```

Further, it contains the following processing pipelines in `sigma.pipelines.panther`:

- panther_pipeline: Convert known Sigma field names into their Panther schema equivalent

## Local setup for development

The project uses [poetry](https://python-poetry.org/) for dependency management,
so after cloning it, run `poetry install` to install all the required dependencies.

Tests can be run with:

```bash
poetry run pytest
```

And rules can be converted with:

```bash
poetry run sigma convert -t panther -f sdyaml -p panther path_to_sigma_rule.yml
```

            
