Sigma results for the file.
List of dictionaries containing the aggregated Sigma analysis results from all sandbox-generated EVTX files. Each item contains the following subfields:
- rule_title: <string> matched Sigma rule title.
- rule_source: <string> Sigma ruleset this rule belongs to.
- match_context: <dictionary> specific matched events. This dictionary contains the following key:
  - values: <list of map<str, str>> all matched events, represented as key-value pairs.
- rule_level: <string> rule level, one of "critical", "high", "medium", "low".
- rule_description: <string> rule description.
- rule_author: <string> rule author.
- rule_id: <string> rule ID in Google Threat Intelligence. You can use this to find other files matching the same rule.
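The following is an added example, not part of the original reference: a triage helper that merges items by rule_id, counts the matched events under match_context, and orders rules by rule_level. The function names, the "unknown" bucket for undocumented levels, and all sample values are assumptions constructed for illustration.

```python
from collections import Counter

# Severity order for the four documented rule_level values.
LEVEL_ORDER = {"critical": 0, "high": 1, "medium": 2, "low": 3}

def matched_events(item):
    """Flatten match_context -> values into a list of key-value events."""
    ctx = item.get("match_context") or {}
    # Defensive assumption: also tolerate a list of contexts or a single map.
    contexts = ctx if isinstance(ctx, list) else [ctx]
    events = []
    for c in contexts:
        values = c.get("values") or []
        events.extend(values if isinstance(values, list) else [values])
    return events

def triage(results):
    """Merge items by rule_id and return rows ordered most severe first."""
    rows = {}
    for item in results:
        level = str(item.get("rule_level", "")).lower()
        if level not in LEVEL_ORDER:
            level = "unknown"  # undocumented value: keep the row, sort it last
        events = matched_events(item)
        row = rows.setdefault(item.get("rule_id"), {
            "rule_id": item.get("rule_id"), "rule_title": item.get("rule_title"),
            "rule_source": item.get("rule_source"), "rule_level": level,
            "event_count": 0, "event_keys": Counter()})
        row["event_count"] += len(events)
        for event in events:
            row["event_keys"].update(event.keys())
    return sorted(rows.values(), key=lambda r: (
        LEVEL_ORDER.get(r["rule_level"], len(LEVEL_ORDER)), -r["event_count"]))

# Constructed sample data: every title, ID and event below is made up.
SAMPLE = [
    {"rule_title": "Constructed rule B", "rule_source": "Constructed ruleset",
     "rule_level": "medium", "rule_id": "constructed-id-b",
     "match_context": {"values": [{"EventID": "11", "TargetFilename": "C:\\tmp\\a.txt"}]}},
    {"rule_title": "Constructed rule A", "rule_source": "Constructed ruleset",
     "rule_level": "critical", "rule_id": "constructed-id-a",
     "match_context": {"values": [{"EventID": "1", "Image": "C:\\tmp\\a.exe"},
                                  {"EventID": "1", "Image": "C:\\tmp\\b.exe"}]}},
    {"rule_title": "Constructed rule C", "rule_source": "Constructed ruleset",
     "rule_level": "informational", "rule_id": "constructed-id-c"},
]

if __name__ == "__main__":
    for row in triage(SAMPLE):
        print(row["rule_level"], row["rule_title"], row["event_count"])
```

The event_keys counter shows which event fields a rule matched on, which helps decide what to pivot on before using rule_id to look for other files matching the same rule.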