
One post tagged with "query-frontend"

Matthias Vallentin

VAST's Sigma frontend now supports more modifiers. In the Sigma language, modifiers transform predicates in various ways, e.g., to apply a function over a value or to change the operator of a predicate. Modifiers are the customization point for making query operations more expressive.

The new pySigma effort, which will eventually replace the now-considered-legacy sigma project, comes with new modifiers as well. Most notably, lt, lte, gt, gte provide comparisons over value domains with a total ordering, e.g., numbers: x >= 42. In addition, the cidr modifier interprets a value as a subnet, e.g., 10.0.0.0/8. Richer typing!
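How a modifier turns a detection item into a typed predicate, as an added example that is neither VAST's nor pySigma's code: the sketch below compiles `field|modifier` keys for lt, lte, gt, gte and cidr and evaluates them over events. The field names, the search map and the events are constructed, and it assumes a single modifier per key with the items of one map ANDed together.

```python
import ipaddress
import operator

# Modifiers that change the operator of a predicate.
COMPARISONS = {"lt": operator.lt, "lte": operator.le,
               "gt": operator.gt, "gte": operator.ge}

def compile_item(key, value):
    """Compile one detection item, e.g. 'bytes_out|gte': 42, into a predicate."""
    field, *mods = key.split("|")
    if len(mods) > 1:
        raise ValueError(f"modifier chains are out of scope here: {key!r}")
    mod = mods[0] if mods else None
    if mod is None:
        test = lambda x: x == value
    elif mod in COMPARISONS:
        # Ordering only makes sense over a totally ordered domain: numbers.
        if isinstance(value, bool) or not isinstance(value, (int, float)):
            raise ValueError(f"{mod} needs a numeric value, got {value!r}")
        op = COMPARISONS[mod]
        test = lambda x: (isinstance(x, (int, float))
                          and not isinstance(x, bool) and op(x, value))
    elif mod == "cidr":
        # The value is typed as a subnet, not compared as a string.
        net = ipaddress.ip_network(value)
        def test(x):
            try:
                return ipaddress.ip_address(x) in net
            except ValueError:  # field does not hold an IP address
                return False
    else:
        raise ValueError(f"unsupported modifier: {mod!r}")
    return lambda event: field in event and test(event[field])

def compile_search(search):
    """Items of one search map are ANDed together."""
    preds = [compile_item(k, v) for k, v in search.items()]
    return lambda event: all(p(event) for p in preds)

# Constructed search identifier and events (field names are assumptions).
SEARCH = {"src_ip|cidr": "10.0.0.0/8", "bytes_out|gte": 42}
EVENTS = [
    {"src_ip": "10.1.2.3", "bytes_out": 42},
    {"src_ip": "10.1.2.3", "bytes_out": 41},
    {"src_ip": "192.168.0.7", "bytes_out": 5000},
    {"src_ip": "not-an-ip", "bytes_out": 5000},
]

def matches(search=SEARCH, events=EVENTS):
    return [compile_search(search)(e) for e in events]
```

Rejecting a non-numeric value for the comparison modifiers at compile time keeps a mistyped rule from silently matching nothing.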