Refactor codebase

Exceptions.py

@@ -0,0 +1,22 @@
+# To get more information about the errors, user DEBUG verbosity level.
+
+class RuleSyntaxError(Exception):
+    """
+        Error in the RuleSyntax.
+    """
+
+    pass
+
+class CreateRuleViaApiError(Exception):
+    """
+        Error while creating the rule via API. e.g., Invalid SIEM resource
+    """
+
+    pass
+
+class FileExtensionError(Exception):
+    """
+        File extension error, e.g., The SIEM requires a JSON and was provided a file with another extension.
+    """
+
+    pass

README.md

@@ -1,45 +1,41 @@
 # SIEGMA
 
-This project aims to automate the creation of SIEM rule consumables by leveraging a pre-defined set of configurations/mappings and by utilizing the [Sigma](https://github.com/Neo23x0/sigma) rule format and engine.
+This project aims to automate the creation of SIEM rule consumables by leveraging a pre-defined set of configurations/mappings and utilizing the [Sigma](https://github.com/Neo23x0/sigma) rule format and [pySigma](https://pypi.org/project/pysigma/) library in the conversion process.
 
 <p align="center"><img align="center" src="https://i.imgur.com/zrtGgyb.png"></p>
 
 It is also our objective to take a community approach to SIEM schemas, maintaining easy to read data dictionaries while making it trivial to add custom fields based on specific use cases.
 
 For platforms that support it, SIEGMA also enables automatic upload of the SIEM consumable. Check the [Automatic Import](https://github.com/3CORESec/SIEGMA#siem-automatic-import) section for more information.
 
-How does it differ from `sigmac`? The reason we decided to create our own artifacts is to have more control over the mappings and allow for a different level of automation. This project is not mean to be a replacement to Sigma or `sigmac`, especially since it utilizes `sigmac`.
+How does it differ from `pysigma`? The reason we decided to create our own artifacts is to have more control over the mappings and allow for a different level of automation. This project is not mean to be a replacement to Sigma or `pysigma`, especially since it utilizes `pysigma`.
 
 ## Supported SIEM's
 
 - Elastic SIEM
-- Azure Sentinel
+- Azure Sentinel (in development)
 - Splunk (in development)
 
 # Installation
 
-We'll run the software and install dependencies, for both this project as well as Sigma, under a Python virtual environment.
+We'll run the software and install dependencies, for both this project as well as Sigma, under a Python virtual environment using poetry.
 
-`pip3 install pipenv`
+`pip3 install poetry`
 
 - Setup Sigma
-
+ 
 ```
-git clone https://github.com/Neo23x0/sigma
-cd sigma
-pipenv install --skip-lock
+git clone https://github.com/SigmaHQ/sigma.git
 ```
 
 - Setup SIEGMA
 
 ```
 git clone https://github.com/3CORESec/SIEGMA
 cd SIEGMA
-pipenv install
+poetry install
 ```
 
-_Note for Windows users_: Powershell must be enabled for command and script execution. Open `Administrative Powershell` and execute following command: `Set-ExecutionPolicy Bypass`
-
 **Before running SIEGMA:** Sigma rules might not hold all required fields in use by your SIEM. To make sure that all fields are mapped correctly, each product holds a README where we warn you if there are fields that need to be filled before running this software.
 
 Visit your SIEM [config](config/) folder to learn more about this.
@@ -50,11 +46,9 @@ Invoke the script by providing it a Sigma rule or Sigma rule folder as well as t
 
 Activate the virtual environment:
 
-`pipenv shell`
-
-It is recommended to consult the `siegma.py` help, especially for advanced usage instructions:
+`poetry shell`
 
-`python siegma.py -h`
+It is recommended to consult the [docs](docs/) folder for help, especially for advanced usage instructions.
 
 In order to provide examples for each specific platform, we have moved the examples section to their own README section inside of the [config folder](./config) of the SIEM in question.
 
@@ -64,16 +58,9 @@ Please consult each SIEM folder for detailed instructions on how to convert sing
 
 SIEGMA natively makes use of this script for rule format compliance check.
 
-However, to manually check if the rules are in the correct format and processable by SIEGMA, run following commands:
-
-```
-cd helpers
-python check_if_compliant.py -p path/to/rules/directory/
-```
-
 # SIEM Automatic Import
 
-As part of our objective of developing tools, techniques and know-how to [Detection as Code](https://blog.3coresec.com/search/label/Detection), it has always been the goal of this project to allow the usage of SIEGMA in a CI/CD pipeline. Please consult the README of the desired SIEM for additional information on how to enable this feature.
+As part of our objective of developing tools, techniques and know-how to [Detection as Code](https://blog.3coresec.com/search/label/Detection), it has always been the goal of this project to allow the usage of SIEGMA in a CI/CD pipeline. By consulting the [automatic upload](docs/automatic-upload.md) document, you can gain a better understanding of the steps involved.
 
 # Contributions and Development
 
@@ -83,7 +70,7 @@ Want to know more how it all comes together or want to contribute support for a
 
 - Additional platform/SIEM support
   - ~~Elastic SIEM~~
-  - ~~Azure Sentinel~~
+  - Azure Sentinel (To be developed)
   - Splunk (To be developed)
 - Additional Features
   - Elastic
@@ -96,3 +83,13 @@ Found this interesting? Have a question/comment/request? Let us know!
 Feel free to open an [issue](https://github.com/3CORESec/SIEGMA/issues) or ping us on [Twitter](https://twitter.com/3CORESec).
 
 [![Twitter](https://img.shields.io/twitter/follow/3CORESec.svg?style=social&label=Follow)](https://twitter.com/3CORESec)
+
+
+### Authors
+- [heyibrahimkhan](https://github.com/heyibrahimhan)
+
+### Contributors
+- [DiogoBraz](https://github.com/DiogoBraz)
+- [w0rk3r](https://github.com/w0rk3r)
+- [Tiago Faria](https://github.com/0xtf)
+- [wesley587](https://github.com/wesley587)