# pySigma Panther Backend

[![Test](https://github.com/panther-labs/pySigma-backend-panther/actions/workflows/test.yml/badge.svg)](https://github.com/panther-labs/pySigma-backend-panther/actions/workflows/test.yml)

Detailed docs about converting Sigma rules for Panther can be found [here](https://docs.panther.com/panther-developer-workflows/converting-sigma-rules).

This is the `panther` backend for pySigma. It provides the package `sigma.backends.panther` with the `PantherBackend` class.

It supports the following output formats:

- default: [Panther Python Detections](https://docs.panther.com/detections/rules/python) format
- sdyaml (`-f sdyaml`): [Panther YAML Detections](https://docs.panther.com/detections/rules/yaml#simple-detections)

To save each rule in a separate file, use the `output_dir` backend option:

```bash
sigma convert -t panther path/to/rules -p panther -O output_dir=output/directory
```
or
```bash
sigma convert -t panther -f sdyaml path/to/rules -p panther -O output_dir=output/directory
```
Further, it contains the following processing pipelines in `sigma.pipelines.panther`:
- panther_pipeline: Convert known Sigma field names into their Panther schema equivalent
## Local setup for development
The project uses [poetry](https://python-poetry.org/) for dependency management,
so after cloning it, run `poetry install` to install all the required dependencies.
Tests can be run with:
```bash
poetry run pytest
```
And rules can be converted with:
```bash
poetry run sigma convert -t panther -f sdyaml -p panther path_to_sigma_rule.yml
```
Raw data
{
"_id": null,
"home_page": "https://github.com/panther-labs/pySigma-backend-panther",
"name": "pySigma-backend-panther",
"maintainer": "Panther Labs Inc",
"docs_url": null,
"requires_python": "<4.0,>=3.8",
"maintainer_email": "pypi@runpanther.io",
"keywords": null,
"author": "Panther Labs Inc",
"author_email": "pypi@runpanther.io",
"download_url": "https://files.pythonhosted.org/packages/7d/3c/fde48fbcd5d990fcb0adc79a8752925555038eb9621944d6fb4c1f3d2cf2/pysigma_backend_panther-0.2.6.tar.gz",
"platform": null,
"bugtrack_url": null,
"license": "LGPL-3.0-only",
"summary": "pySigma backend for Panther",
"version": "0.2.6",
"project_urls": {
"Homepage": "https://github.com/panther-labs/pySigma-backend-panther",
"Repository": "https://github.com/panther-labs/pySigma-backend-panther"
},
"split_keywords": [],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "84426daeed79bffedb47ad0862c69488a6c3e8d6fe5af9672c5e6c9c1be199f7",
"md5": "18525447158a58ea9561423ee47fb4a1",
"sha256": "e74edffc6d653411c217e201801c7f4b8a5835e96b5e0d3acfc47c771fbe9da5"
},
"downloads": -1,
"filename": "pysigma_backend_panther-0.2.6-py3-none-any.whl",
"has_sig": false,
"md5_digest": "18525447158a58ea9561423ee47fb4a1",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": "<4.0,>=3.8",
"size": 28278,
"upload_time": "2025-01-31T15:56:41",
"upload_time_iso_8601": "2025-01-31T15:56:41.805665Z",
"url": "https://files.pythonhosted.org/packages/84/42/6daeed79bffedb47ad0862c69488a6c3e8d6fe5af9672c5e6c9c1be199f7/pysigma_backend_panther-0.2.6-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "7d3cfde48fbcd5d990fcb0adc79a8752925555038eb9621944d6fb4c1f3d2cf2",
"md5": "d10c45752736c8135e41a3748fbfb3e0",
"sha256": "78dcce30822cd3fba0b6809405c845a5c22a581c4e8cda7cf9653427480ff079"
},
"downloads": -1,
"filename": "pysigma_backend_panther-0.2.6.tar.gz",
"has_sig": false,
"md5_digest": "d10c45752736c8135e41a3748fbfb3e0",
"packagetype": "sdist",
"python_version": "source",
"requires_python": "<4.0,>=3.8",
"size": 20632,
"upload_time": "2025-01-31T15:56:42",
"upload_time_iso_8601": "2025-01-31T15:56:42.706666Z",
"url": "https://files.pythonhosted.org/packages/7d/3c/fde48fbcd5d990fcb0adc79a8752925555038eb9621944d6fb4c1f3d2cf2/pysigma_backend_panther-0.2.6.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-01-31 15:56:42",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "panther-labs",
"github_project": "pySigma-backend-panther",
"travis_ci": false,
"coveralls": false,
"github_actions": true,
"lcname": "pysigma-backend-panther"
}