sigma.errors module¶
Sigma specific errors and exceptions
- exception sigma.errors.ConditionSyntaxError(parsing_error: pyparsing.exceptions.ParseException, fmt: str = 'detection condition: {}')¶
Bases:
sigma.errors.SigmaErrorThe detection.condition field syntax was incorrect
- property column: int¶
- property line: str¶
- property lineno: int¶
- property message: str¶
- exception sigma.errors.DuplicateRuleNameError(name)¶
Bases:
sigma.errors.SigmaErrorThere one or more rules with duplicate names in the given YAML file
- exception sigma.errors.InvalidFieldValueError(field: str, expected: Type, found: Type, modifier: Optional[str] = None)¶
Bases:
sigma.errors.SigmaErrorThe value for a given field is invalid
- exception sigma.errors.InvalidModifierCombinationError(field: str, failed_modifier: str, completed_modifiers: List[str], message: str = 'detections: {field}: {failed_modifier} invalid after {completed_modifiers}')¶
Bases:
sigma.errors.SigmaErrorThe combination of modifiers was invalid
- exception sigma.errors.MissingCorrelationRule¶
Bases:
sigma.errors.SigmaErrorA rule specified in a correlation document was not found
- exception sigma.errors.MultipleCorrelationError¶
Bases:
sigma.errors.SigmaErrorThe given YAML file contained multiple correlation documents
- exception sigma.errors.NoCorrelationDocument¶
Bases:
sigma.errors.SigmaErrorA YAML document contained multiple rules and no correlation
- exception sigma.errors.RuleValidationError(validation: pydantic.error_wrappers.ValidationError)¶
Bases:
sigma.errors.SigmaValidationErrorRaised when a rule schema fails validation
- exception sigma.errors.SerializerNotFound(serializer: str)¶
Bases:
sigma.errors.SigmaError
- exception sigma.errors.SerializerValidationError(validation: pydantic.error_wrappers.ValidationError)¶
Bases:
sigma.errors.SigmaValidationErrorRaised when a serializer config fails validation
- exception sigma.errors.SigmaError¶
Bases:
ExceptionBase generic sigma error. All other sigma errors are subclasses of this.
- exception sigma.errors.SigmaValidationError(validation: pydantic.error_wrappers.ValidationError)¶
Bases:
sigma.errors.SigmaError
- exception sigma.errors.SkipRule¶
Bases:
sigma.errors.SigmaErrorSkip the currently processing rule. This is mainly used during conversion.
- log(rule)¶
Helper method to always log a skipped rule in the same way
- Parameters
rule (sigma.schema.Rule) – the rule that was skipped
- exception sigma.errors.TransformValidationError(validation: pydantic.error_wrappers.ValidationError)¶
Bases:
sigma.errors.SigmaValidationErrorRaised when a transform config fails validation
- exception sigma.errors.UnknownIdentifierError¶
Bases:
sigma.errors.SigmaErrorA requested identifier was not found in the detection.
- exception sigma.errors.UnknownModifierError(field: str, modifier: str, message: str = 'detections: {field}: invalid modifier: {modifier}')¶
Bases:
sigma.errors.SigmaErrorSigma rule specified an invalid field modifier
- exception sigma.errors.UnknownRuleNameError(name)¶
Bases:
sigma.errors.SigmaErrorThe specified rule name (most likely in a correlation) was not found in the document.
- exception sigma.errors.UnknownTransform(transform: str)¶
Bases:
sigma.errors.SigmaError
- exception sigma.errors.UnsupportedFieldComparison(field: str, type_: Type, message: str = 'detections: {field}: invalid comparison: {type_}')¶
Bases:
sigma.errors.SigmaErrorA field comparison was unsupported by the serializer
- exception sigma.errors.UnsupportedSerializerFormat(format: str)¶
Bases:
sigma.errors.SigmaErrorAn unsupported format argument was provided to the
dump()method.