diff --git a/siem-converter/app/converter/converter.py b/siem-converter/app/converter/converter.py
index 87652d46..5d1baefb 100644
--- a/siem-converter/app/converter/converter.py
+++ b/siem-converter/app/converter/converter.py
@@ -2,7 +2,7 @@
 from app.converter.platforms.roota.parsers.roota import RootAParser
 from app.converter.core.exceptions.core import UnsupportedPlatform
-from app.converter.core.operator_types.output import SiemContainer
+from app.converter.core.models.parser_output import SiemContainer
 from app.converter.managers import RenderManager, ParserManager, render_manager, parser_manager
 from app.converter.tools.decorators import handle_translation_exceptions
diff --git a/siem-converter/app/converter/core/operator_types/__init__.py b/siem-converter/app/converter/core/custom_types/__init__.py
similarity index 100%
rename from siem-converter/app/converter/core/operator_types/__init__.py
rename to siem-converter/app/converter/core/custom_types/__init__.py
diff --git a/siem-converter/app/converter/core/operator_types/tokens.py b/siem-converter/app/converter/core/custom_types/tokens.py
similarity index 80%
rename from siem-converter/app/converter/core/operator_types/tokens.py
rename to siem-converter/app/converter/core/custom_types/tokens.py
index c491fe1a..74206dca 100644
--- a/siem-converter/app/converter/core/operator_types/tokens.py
+++ b/siem-converter/app/converter/core/custom_types/tokens.py
@@ -14,7 +14,6 @@ class OperatorType(CustomEnum):
     GTE = ">="
     EQ = "="
     NEQ = "!="
-    COLON = ":"
     CONTAINS = "contains"
     STARTSWITH = "startswith"
     ENDSWITH = "endswith"
@@ -25,8 +24,3 @@ class GroupType(CustomEnum):
     L_PAREN = "("
     R_PAREN = ")"
-    GROUP = "group"
-
-
-class ValidTokens(LogicalOperatorType, OperatorType, GroupType):
-    pass
diff --git a/siem-converter/app/converter/core/mixins/operator.py b/siem-converter/app/converter/core/mixins/operator.py
index 39a3e27f..fca93a97 100644
--- a/siem-converter/app/converter/core/mixins/operator.py
+++ b/siem-converter/app/converter/core/mixins/operator.py
@@ -19,7 +19,7 @@
 from typing import Union, List, Tuple
 from app.converter.core.models.identifier import Identifier
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 class WildCardMixin:
diff --git a/siem-converter/app/converter/core/models/field.py b/siem-converter/app/converter/core/models/field.py
index e881cf3b..61864ee0 100644
--- a/siem-converter/app/converter/core/models/field.py
+++ b/siem-converter/app/converter/core/models/field.py
@@ -2,7 +2,7 @@
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.identifier import Identifier
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 class Field:
diff --git a/siem-converter/app/converter/core/models/functions/table.py b/siem-converter/app/converter/core/models/functions/table.py
index c8127df3..d4647682 100644
--- a/siem-converter/app/converter/core/models/functions/table.py
+++ b/siem-converter/app/converter/core/models/functions/table.py
@@ -1,4 +1,4 @@
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 class TableField:
diff --git a/siem-converter/app/converter/core/models/identifier.py b/siem-converter/app/converter/core/models/identifier.py
index c62c6bdb..aa0f6f28 100644
--- a/siem-converter/app/converter/core/models/identifier.py
+++ b/siem-converter/app/converter/core/models/identifier.py
@@ -1,12 +1,16 @@
 from dataclasses import dataclass
-from app.converter.core.operator_types.tokens import ValidTokens
+from app.converter.core.custom_types.tokens import LogicalOperatorType, OperatorType, GroupType
+
+
+class _IdentifierTokenType(LogicalOperatorType, OperatorType, GroupType):
+    pass
 @dataclass
 class Identifier:
     def __init__(self, *, token_type: str) -> None:
-        if token_type not in ValidTokens:
+        if token_type not in _IdentifierTokenType:
             raise Exception(f"Unexpected token type: {token_type}")
         self.token_type = token_type
diff --git a/siem-converter/app/converter/core/operator_types/output.py b/siem-converter/app/converter/core/models/parser_output.py
similarity index 100%
rename from siem-converter/app/converter/core/operator_types/output.py
rename to siem-converter/app/converter/core/models/parser_output.py
diff --git a/siem-converter/app/converter/core/parser.py b/siem-converter/app/converter/core/parser.py
index 778cda88..ec2ff1bc 100644
--- a/siem-converter/app/converter/core/parser.py
+++ b/siem-converter/app/converter/core/parser.py
@@ -22,7 +22,7 @@
 from app.converter.core.mapping import BasePlatformMappings, SourceMapping
 from app.converter.core.models.field import Field
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 from app.converter.core.tokenizer import QueryTokenizer, TOKEN_TYPE
diff --git a/siem-converter/app/converter/core/render.py b/siem-converter/app/converter/core/render.py
index cf2c97ba..966c80bd 100644
--- a/siem-converter/app/converter/core/render.py
+++ b/siem-converter/app/converter/core/render.py
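Review bot: The guard in Identifier.__init__ still raises a bare `Exception` for a rejected token_type, and with the new `_IdentifierTokenType` union every unknown token produced by a tokenizer now goes through it; the repo has a dedicated parser exception module (`app.converter.core.exceptions.parser` exports TokenizerGeneralException, imported by several tokenizers in this diff), so `raise TokenizerGeneralException(f"Unexpected token type: {token_type}")` would let the translation layer distinguish a malformed query from an internal error — assuming its constructor takes a message. The new helper class replaces the formerly public ValidTokens and deserves a one-line docstring, e.g. `"""Union of every token kind an Identifier may carry: logical, comparison and grouping."""`. Separately, `@dataclass` on a class with a hand-written __init__ and no annotated fields generates an `__eq__` over zero fields, so any two Identifier instances compare equal regardless of token_type; that predates this commit but is worth fixing while the class is being touched, either by annotating `token_type: str` as a field or by dropping the decorator.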
@@ -26,8 +26,8 @@
 from app.converter.core.models.field import Field, Keyword
 from app.converter.core.models.functions.types import ParsedFunctions
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
-from app.converter.core.operator_types.tokens import LogicalOperatorType, OperatorType, GroupType
+from app.converter.core.models.parser_output import MetaInfoContainer
+from app.converter.core.custom_types.tokens import LogicalOperatorType, OperatorType, GroupType
 class BaseQueryFieldValue(ABC):
diff --git a/siem-converter/app/converter/core/tokenizer.py b/siem-converter/app/converter/core/tokenizer.py
index 6dab969c..0ced3889 100644
--- a/siem-converter/app/converter/core/tokenizer.py
+++ b/siem-converter/app/converter/core/tokenizer.py
@@ -27,8 +27,8 @@
 from app.converter.core.mapping import SourceMapping, DEFAULT_MAPPING_NAME, BasePlatformMappings
 from app.converter.core.models.field import Field, Keyword
 from app.converter.core.models.identifier import Identifier
-from app.converter.core.models.group import GroupType
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.platforms.sigma.models.group import GroupType
+from app.converter.core.custom_types.tokens import OperatorType
 from app.converter.tools.utils import get_match_group
 TOKEN_TYPE = Union[Field, Keyword, Identifier]
diff --git a/siem-converter/app/converter/platforms/athena/parsers/athena.py b/siem-converter/app/converter/platforms/athena/parsers/athena.py
index f1cc04cf..e6309d96 100644
--- a/siem-converter/app/converter/platforms/athena/parsers/athena.py
+++ b/siem-converter/app/converter/platforms/athena/parsers/athena.py
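Review bot: The new `from app.converter.platforms.sigma.models.group import GroupType` in core/tokenizer.py looks like it will fail at import time: GroupType was only reachable from group.py as a re-export of that module's own tokens import, and this commit's group.py hunk deletes that import together with `token_type = GroupType.GROUP`, so unless the unchanged remainder of group.py defines a GroupType of its own the name no longer exists there. Every platform tokenizer in this diff imports QueryTokenizer from this module, so the ImportError would surface on the first conversion request rather than in a corner case. The line also makes a core module depend on a platform package, reversing the layering the rest of the commit establishes by moving the Sigma-specific models under platforms/sigma. Since the enum now has a single home, the two new import lines can collapse to `from app.converter.core.custom_types.tokens import GroupType, OperatorType`, which is how render.py and logscale/tokenizer.py already import it in this diff.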
@@ -24,7 +24,7 @@
 from app.converter.platforms.athena.tokenizer import AthenaTokenizer
 from app.converter.core.models.platform_details import PlatformDetails
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class AthenaParser(Parser):
diff --git a/siem-converter/app/converter/platforms/athena/tokenizer.py b/siem-converter/app/converter/platforms/athena/tokenizer.py
index 4ce65d6d..8debdd11 100644
--- a/siem-converter/app/converter/platforms/athena/tokenizer.py
+++ b/siem-converter/app/converter/platforms/athena/tokenizer.py
@@ -21,7 +21,7 @@
 from app.converter.core.models.identifier import Identifier
 from app.converter.core.tokenizer import QueryTokenizer
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/base/lucene/parsers/lucene.py b/siem-converter/app/converter/platforms/base/lucene/parsers/lucene.py
index 52ea134e..d0c51284 100644
--- a/siem-converter/app/converter/platforms/base/lucene/parsers/lucene.py
+++ b/siem-converter/app/converter/platforms/base/lucene/parsers/lucene.py
@@ -21,7 +21,7 @@
 from app.converter.platforms.base.lucene.tokenizer import LuceneTokenizer
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class LuceneParser(Parser):
diff --git a/siem-converter/app/converter/platforms/base/lucene/tokenizer.py b/siem-converter/app/converter/platforms/base/lucene/tokenizer.py
index 3afd2316..0ac47881 100644
--- a/siem-converter/app/converter/platforms/base/lucene/tokenizer.py
+++ b/siem-converter/app/converter/platforms/base/lucene/tokenizer.py
@@ -23,7 +23,7 @@
 from app.converter.core.models.field import Keyword, Field
 from app.converter.core.models.identifier import Identifier
 from app.converter.core.tokenizer import QueryTokenizer
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/base/spl/parsers/spl.py b/siem-converter/app/converter/platforms/base/spl/parsers/spl.py
index 6d5afc62..834d612f 100644
--- a/siem-converter/app/converter/platforms/base/spl/parsers/spl.py
+++ b/siem-converter/app/converter/platforms/base/spl/parsers/spl.py
@@ -22,7 +22,7 @@
 from app.converter.platforms.base.spl.tokenizer import SplTokenizer
 from app.converter.core.models.functions.types import ParsedFunctions
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class SplParser(Parser):
diff --git a/siem-converter/app/converter/platforms/base/spl/tokenizer.py b/siem-converter/app/converter/platforms/base/spl/tokenizer.py
index fc920181..e0207cd7 100644
--- a/siem-converter/app/converter/platforms/base/spl/tokenizer.py
+++ b/siem-converter/app/converter/platforms/base/spl/tokenizer.py
@@ -20,7 +20,7 @@
 from typing import Tuple, Any
 from app.converter.core.tokenizer import QueryTokenizer
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/chronicle/parsers/chronicle.py b/siem-converter/app/converter/platforms/chronicle/parsers/chronicle.py
index 97e0183a..9ab4b12d 100644
--- a/siem-converter/app/converter/platforms/chronicle/parsers/chronicle.py
+++ b/siem-converter/app/converter/platforms/chronicle/parsers/chronicle.py
@@ -23,7 +23,7 @@
 from app.converter.platforms.chronicle.tokenizer import ChronicleQueryTokenizer
 from app.converter.core.models.platform_details import PlatformDetails
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class ChronicleParser(Parser):
diff --git a/siem-converter/app/converter/platforms/chronicle/parsers/chronicle_rule.py b/siem-converter/app/converter/platforms/chronicle/parsers/chronicle_rule.py
index 36c2fd38..fc08dfe7 100644
--- a/siem-converter/app/converter/platforms/chronicle/parsers/chronicle_rule.py
+++ b/siem-converter/app/converter/platforms/chronicle/parsers/chronicle_rule.py
@@ -25,7 +25,7 @@
 from app.converter.core.exceptions.parser import TokenizerGeneralException
 from app.converter.core.models.platform_details import PlatformDetails
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class ChronicleRuleParser(Parser):
diff --git a/siem-converter/app/converter/platforms/chronicle/renders/chronicle_rule.py b/siem-converter/app/converter/platforms/chronicle/renders/chronicle_rule.py
index 6a1c27b6..1a485f60 100644
--- a/siem-converter/app/converter/platforms/chronicle/renders/chronicle_rule.py
+++ b/siem-converter/app/converter/platforms/chronicle/renders/chronicle_rule.py
@@ -23,7 +23,7 @@
 from app.converter.platforms.chronicle.const import DEFAULT_CHRONICLE_SECURITY_RULE, chronicle_rule_details
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 from app.converter.tools.utils import concatenate_str, get_author_str
 _AUTOGENERATED_TITLE = "Autogenerated Chronicle Security rule"
diff --git a/siem-converter/app/converter/platforms/chronicle/tokenizer.py b/siem-converter/app/converter/platforms/chronicle/tokenizer.py
index a9427911..618d0704 100644
--- a/siem-converter/app/converter/platforms/chronicle/tokenizer.py
+++ b/siem-converter/app/converter/platforms/chronicle/tokenizer.py
@@ -21,7 +21,7 @@
 from app.converter.core.exceptions.parser import TokenizerGeneralException
 from app.converter.core.tokenizer import QueryTokenizer
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/elasticsearch/parsers/detection_rule.py b/siem-converter/app/converter/platforms/elasticsearch/parsers/detection_rule.py
index 57fdcb5d..b8e7d6b1 100644
--- a/siem-converter/app/converter/platforms/elasticsearch/parsers/detection_rule.py
+++ b/siem-converter/app/converter/platforms/elasticsearch/parsers/detection_rule.py
@@ -22,7 +22,7 @@
 from app.converter.platforms.elasticsearch.parsers.elasticsearch import ElasticSearchParser
 from app.converter.core.mixins.rule import JsonRuleMixin
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class ElasticSearchRuleParser(ElasticSearchParser, JsonRuleMixin):
diff --git a/siem-converter/app/converter/platforms/elasticsearch/renders/detection_rule.py b/siem-converter/app/converter/platforms/elasticsearch/renders/detection_rule.py
index a38c7c44..7b6bb031 100644
--- a/siem-converter/app/converter/platforms/elasticsearch/renders/detection_rule.py
+++ b/siem-converter/app/converter/platforms/elasticsearch/renders/detection_rule.py
@@ -25,7 +25,7 @@
 from app.converter.platforms.elasticsearch.renders.elasticsearch import ElasticSearchQueryRender, ElasticSearchFieldValue
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 from app.converter.tools.utils import concatenate_str, get_mitre_attack_str
diff --git a/siem-converter/app/converter/platforms/elasticsearch/renders/elast_alert.py b/siem-converter/app/converter/platforms/elasticsearch/renders/elast_alert.py
index 1e02c210..a07cac49 100644
--- a/siem-converter/app/converter/platforms/elasticsearch/renders/elast_alert.py
+++ b/siem-converter/app/converter/platforms/elasticsearch/renders/elast_alert.py
@@ -22,7 +22,7 @@
 from app.converter.platforms.elasticsearch.renders.elasticsearch import ElasticSearchQueryRender, ElasticSearchFieldValue
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 from app.converter.tools.utils import get_author_str, concatenate_str, get_mitre_attack_str, get_licence_str
diff --git a/siem-converter/app/converter/platforms/elasticsearch/renders/kibana.py b/siem-converter/app/converter/platforms/elasticsearch/renders/kibana.py
index 2150642b..6303b6fe 100644
--- a/siem-converter/app/converter/platforms/elasticsearch/renders/kibana.py
+++ b/siem-converter/app/converter/platforms/elasticsearch/renders/kibana.py
@@ -25,7 +25,7 @@
 from app.converter.platforms.elasticsearch.renders.elasticsearch import ElasticSearchQueryRender, ElasticSearchFieldValue
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 from app.converter.tools.utils import concatenate_str, get_author_str, get_licence_str, get_mitre_attack_str, \
     get_rule_id_str, get_references_str
diff --git a/siem-converter/app/converter/platforms/elasticsearch/renders/xpack_watcher.py b/siem-converter/app/converter/platforms/elasticsearch/renders/xpack_watcher.py
index 0272f471..98f1bc21 100644
--- a/siem-converter/app/converter/platforms/elasticsearch/renders/xpack_watcher.py
+++ b/siem-converter/app/converter/platforms/elasticsearch/renders/xpack_watcher.py
@@ -25,7 +25,7 @@
 from app.converter.platforms.elasticsearch.const import XPACK_WATCHER_RULE, xpack_watcher_details
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 from app.converter.tools.utils import concatenate_str, get_author_str, get_licence_str, get_mitre_attack_str
diff --git a/siem-converter/app/converter/platforms/logscale/parsers/logscale.py b/siem-converter/app/converter/platforms/logscale/parsers/logscale.py
index 13fa877f..d7beb82a 100644
--- a/siem-converter/app/converter/platforms/logscale/parsers/logscale.py
+++ b/siem-converter/app/converter/platforms/logscale/parsers/logscale.py
@@ -25,7 +25,7 @@
 from app.converter.platforms.logscale.tokenizer import LogScaleTokenizer
 from app.converter.core.models.platform_details import PlatformDetails
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class LogScaleParser(Parser):
diff --git a/siem-converter/app/converter/platforms/logscale/parsers/logscale_alert.py b/siem-converter/app/converter/platforms/logscale/parsers/logscale_alert.py
index 7a6484c7..c2584d84 100644
--- a/siem-converter/app/converter/platforms/logscale/parsers/logscale_alert.py
+++ b/siem-converter/app/converter/platforms/logscale/parsers/logscale_alert.py
@@ -22,7 +22,7 @@
 from app.converter.platforms.logscale.parsers.logscale import LogScaleParser
 from app.converter.core.mixins.rule import JsonRuleMixin
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class LogScaleAlertParser(LogScaleParser, JsonRuleMixin):
diff --git a/siem-converter/app/converter/platforms/logscale/renders/logscale.py b/siem-converter/app/converter/platforms/logscale/renders/logscale.py
index da9dcf4b..b01ca8ce 100644
--- a/siem-converter/app/converter/platforms/logscale/renders/logscale.py
+++ b/siem-converter/app/converter/platforms/logscale/renders/logscale.py
@@ -22,7 +22,7 @@
 from app.converter.platforms.logscale.mapping import LogScaleMappings, logscale_mappings
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 from app.converter.core.render import BaseQueryRender, BaseQueryFieldValue
diff --git a/siem-converter/app/converter/platforms/logscale/renders/logscale_alert.py b/siem-converter/app/converter/platforms/logscale/renders/logscale_alert.py
index 7e87c267..89341497 100644
--- a/siem-converter/app/converter/platforms/logscale/renders/logscale_alert.py
+++ b/siem-converter/app/converter/platforms/logscale/renders/logscale_alert.py
@@ -24,7 +24,7 @@
 from app.converter.platforms.logscale.const import DEFAULT_LOGSCALE_ALERT, logscale_alert_details
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 _AUTOGENERATED_TITLE = "Autogenerated Falcon LogScale Alert"
diff --git a/siem-converter/app/converter/platforms/logscale/tokenizer.py b/siem-converter/app/converter/platforms/logscale/tokenizer.py
index 3c02dcd6..dd665c7b 100644
--- a/siem-converter/app/converter/platforms/logscale/tokenizer.py
+++ b/siem-converter/app/converter/platforms/logscale/tokenizer.py
@@ -21,7 +21,7 @@
 from app.converter.core.models.field import Keyword, Field
 from app.converter.core.models.identifier import Identifier
-from app.converter.core.operator_types.tokens import GroupType, LogicalOperatorType, OperatorType
+from app.converter.core.custom_types.tokens import GroupType, LogicalOperatorType, OperatorType
 from app.converter.core.tokenizer import QueryTokenizer
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel.py b/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel.py
index 32e210d4..dac5851e 100644
--- a/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel.py
+++ b/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel.py
@@ -25,7 +25,7 @@
 from app.converter.core.models.functions.types import ParsedFunctions
 from app.converter.core.models.platform_details import PlatformDetails
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class MicrosoftParser(Parser):
diff --git a/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel_rule.py b/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel_rule.py
index 156914ac..5b884140 100644
--- a/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel_rule.py
+++ b/siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel_rule.py
@@ -22,7 +22,7 @@
 from app.converter.platforms.microsoft.parsers.microsoft_sentinel import MicrosoftParser
 from app.converter.core.mixins.rule import JsonRuleMixin
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class MicrosoftRuleParser(MicrosoftParser, JsonRuleMixin):
diff --git a/siem-converter/app/converter/platforms/microsoft/renders/microsoft_sentinel_rule.py b/siem-converter/app/converter/platforms/microsoft/renders/microsoft_sentinel_rule.py
index 78ad74c7..80c69551 100644
--- a/siem-converter/app/converter/platforms/microsoft/renders/microsoft_sentinel_rule.py
+++ b/siem-converter/app/converter/platforms/microsoft/renders/microsoft_sentinel_rule.py
@@ -19,7 +19,6 @@
 import copy
 import json
-import re
 from app.converter.platforms.microsoft.renders.microsoft_sentinel import (
     MicrosoftSentinelQueryRender,
@@ -28,7 +27,7 @@
 from app.converter.platforms.microsoft.const import DEFAULT_MICROSOFT_SENTINEL_RULE, microsoft_sentinel_rule_details
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 from app.converter.tools.utils import concatenate_str, get_author_str, get_licence_str
diff --git a/siem-converter/app/converter/platforms/microsoft/tokenizer.py b/siem-converter/app/converter/platforms/microsoft/tokenizer.py
index 4eafb3f6..e0f57842 100644
--- a/siem-converter/app/converter/platforms/microsoft/tokenizer.py
+++ b/siem-converter/app/converter/platforms/microsoft/tokenizer.py
@@ -21,7 +21,7 @@
 from app.converter.core.mixins.operator import OperatorBasedMixin
 from app.converter.core.tokenizer import QueryTokenizer
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/opensearch/renders/opensearch_rule.py b/siem-converter/app/converter/platforms/opensearch/renders/opensearch_rule.py
index 7c24d0a8..38fc8f11 100644
--- a/siem-converter/app/converter/platforms/opensearch/renders/opensearch_rule.py
+++ b/siem-converter/app/converter/platforms/opensearch/renders/opensearch_rule.py
@@ -25,7 +25,7 @@
 from app.converter.platforms.opensearch.renders.opensearch import OpenSearchQueryRender, OpenSearchFieldValue
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 SEVERITIES_MAP = {"informational": "5", "low": "4", "medium": "3", "high": "2", "critical": "1"}
diff --git a/siem-converter/app/converter/platforms/qradar/parsers/qradar.py b/siem-converter/app/converter/platforms/qradar/parsers/qradar.py
index e9135e61..3382ecb3 100644
--- a/siem-converter/app/converter/platforms/qradar/parsers/qradar.py
+++ b/siem-converter/app/converter/platforms/qradar/parsers/qradar.py
@@ -25,7 +25,7 @@
 from app.converter.platforms.qradar.tokenizer import QradarTokenizer
 from app.converter.core.models.platform_details import PlatformDetails
 from app.converter.core.parser import Parser
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/qradar/tokenizer.py b/siem-converter/app/converter/platforms/qradar/tokenizer.py
index 680d6a0b..fe36f8ad 100644
--- a/siem-converter/app/converter/platforms/qradar/tokenizer.py
+++ b/siem-converter/app/converter/platforms/qradar/tokenizer.py
@@ -23,7 +23,7 @@
 from app.converter.core.models.field import Keyword
 from app.converter.core.models.identifier import Identifier
 from app.converter.core.tokenizer import QueryTokenizer
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.custom_types.tokens import OperatorType
 from app.converter.tools.utils import get_match_group
diff --git a/siem-converter/app/converter/platforms/roota/parsers/roota.py b/siem-converter/app/converter/platforms/roota/parsers/roota.py
index c7690d64..28519cb8 100644
--- a/siem-converter/app/converter/platforms/roota/parsers/roota.py
+++ b/siem-converter/app/converter/platforms/roota/parsers/roota.py
@@ -18,7 +18,7 @@
 from app.converter.core.exceptions.core import UnsupportedRootAParser, RootARuleValidationException
 from app.converter.core.mixins.rule import YamlRuleMixin
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 from app.converter.core.parser import Parser
 from app.converter.managers import parser_manager
diff --git a/siem-converter/app/converter/core/compiler.py b/siem-converter/app/converter/platforms/sigma/models/compiler.py
similarity index 92%
rename from siem-converter/app/converter/core/compiler.py
rename to siem-converter/app/converter/platforms/sigma/models/compiler.py
index e7522b92..a69c948c 100644
--- a/siem-converter/app/converter/core/compiler.py
+++ b/siem-converter/app/converter/platforms/sigma/models/compiler.py
@@ -17,10 +17,10 @@
 """
 from app.converter.core.models.field import Field, Keyword
-from app.converter.core.models.group import Group
+from app.converter.platforms.sigma.models.group import Group
 from app.converter.core.models.identifier import Identifier
-from app.converter.core.models.operator import Operator, NOT
-from app.converter.core.operator_types.tokens import LogicalOperatorType, GroupType
+from app.converter.platforms.sigma.models.operator import Operator, NOT
+from app.converter.core.custom_types.tokens import LogicalOperatorType, GroupType
 class DataStructureCompiler:
diff --git a/siem-converter/app/converter/core/models/group.py b/siem-converter/app/converter/platforms/sigma/models/group.py
similarity index 93%
rename from siem-converter/app/converter/core/models/group.py
rename to siem-converter/app/converter/platforms/sigma/models/group.py
index d78eb8e8..b61c50d4 100644
--- a/siem-converter/app/converter/core/models/group.py
+++ b/siem-converter/app/converter/platforms/sigma/models/group.py
@@ -1,9 +1,7 @@
-from app.converter.core.models.operator import OR, AND, NOT
-from app.converter.core.operator_types.tokens import GroupType
+from app.converter.platforms.sigma.models.operator import OR, AND, NOT
 class Group:
-    token_type = GroupType.GROUP
     parent_group = []
     sub_group = None
     last_field = None
diff --git a/siem-converter/app/converter/platforms/sigma/models/modifiers.py b/siem-converter/app/converter/platforms/sigma/models/modifiers.py
index 847258ce..6d1f1d83 100644
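Review bot: Dropping `token_type = GroupType.GROUP` from Group removes the attribute that let a Group be handled like an Identifier-style token, and because the `GROUP` member is deleted from the enum in the same commit any surviving `.token_type` read on a Group would now fail with an AttributeError rather than a mismatched comparison. DataStructureCompiler (moved in the hunk above) and SigmaRender still consume Group objects, and nothing in this diff shows their token_type handling being updated, so please confirm no such access remains. While here, the class-level `parent_group = []` on the new side is a single list shared by every Group instance unless each instance reassigns it; if the unchanged body does not do that in __init__, setting `self.parent_group = []` per instance would be safer. Group's body continues outside the hunk.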
--- a/siem-converter/app/converter/platforms/sigma/models/modifiers.py
+++ b/siem-converter/app/converter/platforms/sigma/models/modifiers.py
@@ -2,7 +2,7 @@
 from app.converter.core.models.field import Field
 from app.converter.core.models.identifier import Identifier
-from app.converter.core.operator_types.tokens import LogicalOperatorType, OperatorType, GroupType
+from app.converter.core.custom_types.tokens import LogicalOperatorType, OperatorType, GroupType
 class ModifierManager:
diff --git a/siem-converter/app/converter/core/models/operator.py b/siem-converter/app/converter/platforms/sigma/models/operator.py
similarity index 93%
rename from siem-converter/app/converter/core/models/operator.py
rename to siem-converter/app/converter/platforms/sigma/models/operator.py
index c59c24f2..7c60f4d9 100644
--- a/siem-converter/app/converter/core/models/operator.py
+++ b/siem-converter/app/converter/platforms/sigma/models/operator.py
@@ -1,6 +1,6 @@
 from abc import ABC
-from app.converter.core.operator_types.tokens import LogicalOperatorType
+from app.converter.core.custom_types.tokens import LogicalOperatorType
 class BaseOperator(ABC):
diff --git a/siem-converter/app/converter/platforms/sigma/parsers/sigma.py b/siem-converter/app/converter/platforms/sigma/parsers/sigma.py
index a9635a38..b41a38f8 100644
--- a/siem-converter/app/converter/platforms/sigma/parsers/sigma.py
+++ b/siem-converter/app/converter/platforms/sigma/parsers/sigma.py
@@ -28,7 +28,7 @@
 from app.converter.core.mixins.rule import YamlRuleMixin
 from app.converter.core.models.field import Field
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class SigmaParser(YamlRuleMixin):
diff --git a/siem-converter/app/converter/platforms/sigma/renders/sigma.py b/siem-converter/app/converter/platforms/sigma/renders/sigma.py
index 2ade383d..a1dd5c17 100644
--- a/siem-converter/app/converter/platforms/sigma/renders/sigma.py
+++ b/siem-converter/app/converter/platforms/sigma/renders/sigma.py
@@ -23,16 +23,16 @@
 from app.converter.platforms.sigma.const import SIGMA_RULE_DETAILS
 from app.converter.platforms.sigma.mapping import SigmaMappings, sigma_mappings, SigmaLogSourceSignature
-from app.converter.core.compiler import DataStructureCompiler
+from app.converter.platforms.sigma.models.compiler import DataStructureCompiler
 from app.converter.core.exceptions.core import StrictPlatformFieldException
 from app.converter.core.mapping import SourceMapping, DEFAULT_MAPPING_NAME
 from app.converter.core.models.field import Field, Keyword
 from app.converter.core.models.functions.types import ParsedFunctions
-from app.converter.core.models.group import Group
-from app.converter.core.models.operator import OR, AND, NOT
+from app.converter.platforms.sigma.models.group import Group
+from app.converter.platforms.sigma.models.operator import OR, AND, NOT
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
-from app.converter.core.operator_types.tokens import OperatorType
+from app.converter.core.models.parser_output import MetaInfoContainer
+from app.converter.core.custom_types.tokens import OperatorType
 class SigmaRender:
diff --git a/siem-converter/app/converter/platforms/sigma/tokenizer.py b/siem-converter/app/converter/platforms/sigma/tokenizer.py
index 9d16da6c..b73e8515 100644
--- a/siem-converter/app/converter/platforms/sigma/tokenizer.py
+++ b/siem-converter/app/converter/platforms/sigma/tokenizer.py
@@ -23,7 +23,7 @@
 from app.converter.core.exceptions.parser import TokenizerGeneralException
 from app.converter.core.models.field import Field, Keyword
 from app.converter.core.models.identifier import Identifier
-from app.converter.core.operator_types.tokens import GroupType, LogicalOperatorType
+from app.converter.core.custom_types.tokens import GroupType, LogicalOperatorType
 from app.converter.core.tokenizer import QueryTokenizer
diff --git a/siem-converter/app/converter/platforms/splunk/parsers/splunk_alert.py b/siem-converter/app/converter/platforms/splunk/parsers/splunk_alert.py
index 3763720a..74fab0b0 100644
--- a/siem-converter/app/converter/platforms/splunk/parsers/splunk_alert.py
+++ b/siem-converter/app/converter/platforms/splunk/parsers/splunk_alert.py
@@ -22,7 +22,7 @@
 from app.converter.platforms.splunk.const import splunk_alert_details
 from app.converter.platforms.splunk.parsers.splunk import SplunkParser
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
+from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
 class SplunkAlertParser(SplunkParser):
diff --git a/siem-converter/app/converter/platforms/splunk/renders/splunk_alert.py b/siem-converter/app/converter/platforms/splunk/renders/splunk_alert.py
index f16b9efd..dc80a8e3 100644
--- a/siem-converter/app/converter/platforms/splunk/renders/splunk_alert.py
+++ b/siem-converter/app/converter/platforms/splunk/renders/splunk_alert.py
@@ -21,7 +21,7 @@
 from app.converter.platforms.splunk.const import DEFAULT_SPLUNK_ALERT, splunk_alert_details
 from app.converter.core.mapping import SourceMapping
 from app.converter.core.models.platform_details import PlatformDetails
-from app.converter.core.operator_types.output import MetaInfoContainer
+from app.converter.core.models.parser_output import MetaInfoContainer
 _AUTOGENERATED_TITLE = "Autogenerated Splunk Alert"
pFad - Phonifier reborn
