VAST's Sigma frontend now supports more modifiers. In the Sigma language, modifiers transform predicates in various ways, e.g., to apply a function over a value or to change the operator of a predicate. Modifiers are the customization point to enhance expressiveness of query operations.
The new pySigma effort, which will eventually replace the
now-considered-legacy sigma project, comes with new modifiers as well.
gte provide comparisons over value domains
with a total ordering, e.g., numbers:
x >= 42. In addition, the
modifier interprets a value as subnet, e.g.,
10.0.0.0/8. Richer typing!