qrz.is/content/post/2018-04-29-correlation-rule-documentation-generator-for-mcafee-siem.md

---
title: Correlation Rule Documentation Generator for McAfee SIEM
author: micha
date: 2018-04-29T13:09:57+00:00
url: /correlation-rule-documentation-generator-for-mcafee-siem/
categories:
  - Uncategorized

---
Since we are required to document all custom correlation rules inside our SIEM (McAfee Enterprise Security Manager) for our customers, I wrote a Python script that converts XML rule exports to Markdown. Afterwards its easy to convert teh resulting file e.g. to PDF, DOCX, HTML or even variuous wiki-formats with e.g. Pandoc. This way it&#8217;s possible to generate a PDF documentation of all rules with just a few clicks/commands.

![image][1]

On the long shot that this is useful for you, you can find the script [here][2].

 [1]: /img/esm2markdown.png
 [2]: https://git.qrz.is/clemens/esm2markdown
initial commit 2021-07-13 19:53:07 -04:00			`---`
			`title: Correlation Rule Documentation Generator for McAfee SIEM`
			`author: micha`
			`date: 2018-04-29T13:09:57+00:00`
			`url: /correlation-rule-documentation-generator-for-mcafee-siem/`
			`categories:`
			`- Uncategorized`

			`---`
			`Since we are required to document all custom correlation rules inside our SIEM (McAfee Enterprise Security Manager) for our customers, I wrote a Python script that converts XML rule exports to Markdown. Afterwards its easy to convert teh resulting file e.g. to PDF, DOCX, HTML or even variuous wiki-formats with e.g. Pandoc. This way it’s possible to generate a PDF documentation of all rules with just a few clicks/commands.`

			`![image][1]`

changed all github links to git.qrz.is 2021-07-16 04:49:30 -04:00			`On the long shot that this is useful for you, you can find the script [here][2].`
initial commit 2021-07-13 19:53:07 -04:00
			`[1]: /img/esm2markdown.png`
changed all github links to git.qrz.is 2021-07-16 04:49:30 -04:00			`[2]: https://git.qrz.is/clemens/esm2markdown`