Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit009683e

Browse files
authored
Merge pull request#158 from UncoderIO/gis-8085
GIS-8085 Improve StrictPlatformException and mapping
2 parents7606f21 +a0ee2ba commit009683e

File tree

4 files changed

+31
-5
lines changed

4 files changed

+31
-5
lines changed

‎uncoder-core/app/translator/core/exceptions/core.py‎

Lines changed: 14 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
fromtypingimportOptional
2+
3+
14
classNotImplementedException(BaseException):
25
...
36

@@ -7,8 +10,17 @@ class BasePlatformException(BaseException):
710

811

912
classStrictPlatformException(BasePlatformException):
10-
def__init__(self,platform_name:str,field_name:str):
11-
message=f"Platform{platform_name} has strict mapping. Source field{field_name} has no mapping."
13+
field_name:str=None
14+
15+
def__init__(
16+
self,platform_name:str,field_name:str,mapping:str=None,detected_fields:Optional[list]=None
17+
):
18+
message= (
19+
f"Platform{platform_name} has strict mapping. "
20+
f"Source fields:{', '.join(detected_fields)ifdetected_fieldselsefield_name} has no mapping."
21+
f" Mapping file:{mapping}."ifmappingelse""
22+
)
23+
self.field_name=field_name
1224
super().__init__(message)
1325

1426

‎uncoder-core/app/translator/core/render.py‎

Lines changed: 9 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -263,8 +263,16 @@ def apply_token(self, token: Union[FieldValue, Keyword, Identifier], source_mapp
263263

264264
defgenerate_query(self,tokens:list[TOKEN_TYPE],source_mapping:SourceMapping)->str:
265265
result_values= []
266+
not_found_mapping_fields=set()
266267
fortokenintokens:
267-
result_values.append(self.apply_token(token=token,source_mapping=source_mapping))
268+
try:
269+
result_values.append(self.apply_token(token=token,source_mapping=source_mapping))
270+
exceptStrictPlatformExceptionaserr:
271+
not_found_mapping_fields.add(err.field_name)
272+
ifnot_found_mapping_fields:
273+
raiseStrictPlatformException(
274+
self.details.name,"",source_mapping.source_id,sorted(list(not_found_mapping_fields))
275+
)
268276
return"".join(result_values)
269277

270278
defwrap_query_with_meta_info(self,meta_info:MetaInfoContainer,query:str)->str:

‎uncoder-core/app/translator/mappings/platforms/palo_alto_cortex/default.yml‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -125,3 +125,4 @@ field_mapping:
125125
SourceOS:xdm.source.host.os
126126
DestinationOS:xdm.target.host.os
127127
url_category:xdm.network.http.url_category
128+
EventSeverity:xdm.alert.severity

‎uncoder-core/app/translator/mappings/platforms/qradar/default.yml‎

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,9 +13,12 @@ field_mapping:
1313
dst-port:
1414
-DstPort
1515
-DestinationPort
16+
-remoteport
1617
dst-hostname:DstHost
1718
src-hostname:SrcHost
18-
src-port:SourcePort
19+
src-port:
20+
-SourcePort
21+
-localport
1922
src-ip:
2023
-sourceip
2124
-source_ip
@@ -27,6 +30,7 @@ field_mapping:
2730
-destination_ip
2831
-destinationIP
2932
-destinationaddress
33+
-destination
3034
User:
3135
-userName
3236
-EventUserName
@@ -64,4 +68,5 @@ field_mapping:
6468
DestinationOS:DestinationOS
6569
TargetUserName:DestinationUserName
6670
SourceUserName:SourceUserName
67-
url_category:XForceCategoryByURL
71+
url_category:XForceCategoryByURL
72+
EventSeverity:EventSeverity

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp