add microsoft365defender plugin to common

redcanaryco · Sep 19, 2024 · 8daf7bd · 8daf7bd
1 parent b835d18
commit 8daf7bd
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/common.py b/common.py
@@ -185,6 +185,7 @@ def sigma_translation(product: str, sigma_rules: list, pq: bool = False) -> dict
  backend = SentinelOneBackend()
  elif product == 'dfe':
  supports_json_ouput = False
+ plugins.get_plugin_by_id('microsoft365defender').install()
  from sigma.backends.kusto import KustoBackend # type: ignore
  from sigma.pipelines.microsoft365defender import microsoft_365_defender_pipeline 
  backend = KustoBackend(microsoft_365_defender_pipeline())