Security operations teams have been using SIEMs for many years, with widely varying deployments, degrees of customization, and effectiveness. Like any tool, a SIEM has to be sharpened and used correctly. Sigma is an open-source community project, started a few years ago, that defines a common language for the SIEM and EDR queries used in security operations. Teams can write detections once in the Sigma rule format and convert them to each vendor's query language instead of maintaining vendor-specific versions. Alert volume matters too: the more alerts an engineer has to work through, the more they will miss.
Source: https://thehackernews.com/2021/02/sigma-rules-to-live-your-best-soc-life.html
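To make the "common language" point concrete, here is an added example (not code from the article or from the Sigma project) of what a Sigma-shaped rule looks like and how its vendor-neutral detection logic can be both evaluated directly against events and translated into one vendor's query syntax. The rule mirrors the fields of a Sigma YAML rule (title, logsource, detection, condition, level) as a Python dict so no YAML library is needed; the `inventory_agent.exe` parent-process filter and the three log events are constructed for the demonstration. The Splunk-style conversion is a deliberately small stand-in for what the project's own converters do, and real backends differ in escaping rules (the backslashes in the paths, for instance) and in which Sigma modifiers they support.

```python
"""Minimal evaluator and converter for a Sigma-shaped rule (added example)."""

# Constructed rule in Sigma's field layout: fires on process creation of
# whoami.exe unless the parent is a hypothetical approved inventory agent.
RULE = {
    "title": "Whoami Execution (constructed example)",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {"Image|endswith": "\\whoami.exe"},
        "filter_agent": {"ParentImage|endswith": "\\inventory_agent.exe"},  # hypothetical
        "condition": "selection and not filter_agent",
    },
    "level": "medium",
}

# Constructed sample events (Sysmon-style process creation fields).
EVENTS = [
    {"EventID": 1, "Image": "C:\\Windows\\System32\\whoami.exe",
     "ParentImage": "C:\\Windows\\System32\\cmd.exe"},
    {"EventID": 1, "Image": "C:\\Windows\\System32\\WHOAMI.EXE",
     "ParentImage": "C:\\Program Files\\Agent\\inventory_agent.exe"},
    {"EventID": 1, "Image": "C:\\Windows\\System32\\notepad.exe",
     "ParentImage": "C:\\Windows\\explorer.exe"},
]


def _match_value(actual, op, expected):
    """Sigma string matching is case-insensitive; the modifier picks the test."""
    a, e = str(actual).lower(), str(expected).lower()
    if op == "endswith":
        return a.endswith(e)
    if op == "startswith":
        return a.startswith(e)
    if op == "contains":
        return e in a
    return a == e  # no modifier: exact match


def match_selection(event, selection):
    """Keys inside one selection are ANDed; a list of values for a key is ORed."""
    for key, expected in selection.items():
        field, _, op = key.partition("|")
        if field not in event:
            return False
        values = expected if isinstance(expected, list) else [expected]
        if not any(_match_value(event[field], op, v) for v in values):
            return False
    return True


def _split_condition(condition):
    """Parse 'a and not b or c' into a list of disjuncts of (negated, name).

    Simplification: no parentheses and no '1 of' / 'all of' aggregations.
    'not' binds tightest, then 'and', then 'or'.
    """
    disjuncts = []
    for disjunct in condition.split(" or "):
        terms = []
        for term in disjunct.split(" and "):
            term = term.strip()
            negated = term.startswith("not ")
            terms.append((negated, term[4:].strip() if negated else term))
        disjuncts.append(terms)
    return disjuncts


def evaluate(rule, event):
    """Return True if the event satisfies the rule's condition."""
    detection = rule["detection"]
    results = {name: match_selection(event, sel)
               for name, sel in detection.items() if name != "condition"}
    for terms in _split_condition(detection["condition"]):
        if all(results[name] != negated for negated, name in terms):
            return True
    return False


def _selection_to_splunk(selection):
    """Render one selection as Splunk-style field="value" terms (implicit AND)."""
    parts = []
    for key, expected in selection.items():
        field, _, op = key.partition("|")
        values = expected if isinstance(expected, list) else [expected]
        wild = {"endswith": "*{}", "startswith": "{}*", "contains": "*{}*"}.get(op, "{}")
        alts = ['{}="{}"'.format(field, wild.format(v)) for v in values]
        parts.append(alts[0] if len(alts) == 1 else "(" + " OR ".join(alts) + ")")
    return " ".join(parts)


def to_splunk_query(rule):
    """Translate the vendor-neutral rule into a Splunk-style search string."""
    detection = rule["detection"]
    rendered = []
    for terms in _split_condition(detection["condition"]):
        pieces = []
        for negated, name in terms:
            body = "(" + _selection_to_splunk(detection[name]) + ")"
            pieces.append("NOT " + body if negated else body)
        rendered.append(" ".join(pieces))
    return rendered[0] if len(rendered) == 1 else " OR ".join("(" + r + ")" for r in rendered)


def run(rule, events):
    """Evaluate the rule over a batch of events; one boolean per event."""
    return [evaluate(rule, e) for e in events]


if __name__ == "__main__":
    print("Splunk-style query:", to_splunk_query(RULE))
    for event, hit in zip(EVENTS, run(RULE, EVENTS)):
        print(("ALERT " if hit else "      ") + event["Image"])
```

Running the script shows the first event alerting (cmd.exe launching whoami.exe), the second suppressed by the `filter_agent` exclusion even though the image name differs only in case, and the third ignored. The same `RULE` dict drives both the in-process evaluation and the generated query, which is the property the article is pointing at: the detection logic is written once, and only the last rendering step is vendor-specific.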