Converter

Detection Format Converter

Translate detections between Sigma, Splunk SPL, and PySpark with validation and translation notes.

Input Format

Output Format

Load sample:

Sigma YAML

Input

Splunk SPL

Press Convert to generate output

Useful Resources

Official Sigma HQ documentation — rule syntax, field modifiers, logsource definitions, and condition logic.

Splunk Search Processing Language reference — commands, functions, eval expressions, and search optimization.

Apache Spark Python API reference — DataFrame operations, SQL functions, window functions, and streaming.