Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit94eaf48

Browse files
authored
Merge pull request#216 from UncoderIO/gis-9123
gis-9121 fix sentinel one power query contains modifier
2 parents06a4a94 +24dcab7 commit94eaf48

File tree

7 files changed

+16
-22
lines changed

7 files changed

+16
-22
lines changed

‎uncoder-core/app/translator/platforms/sentinel_one/const.py‎

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -16,5 +16,19 @@
1616
**PLATFORM_DETAILS,
1717
}
1818

19+
DEFAULT_S1EVENTS_CTI_MAPPING= {
20+
"SourceIP":"SrcIP",
21+
"DestinationIP":"DstIP",
22+
"Domain":"DNS",
23+
"URL":"Url",
24+
"HashMd5":"Md5",
25+
"HashSha1":"Sha1",
26+
"HashSha256":"Sha256",
27+
"HashSha512":"Sha512",
28+
"Emails":"emails",
29+
"Files":"TgtFilePath",
30+
}
31+
32+
1933
sentinel_one_events_query_details=PlatformDetails(**SENTINEL_ONE_EVENTS_QUERY_DETAILS)
2034
sentinel_one_power_query_details=PlatformDetails(**SENTINEL_ONE_POWER_QUERY_DETAILS)

‎uncoder-core/app/translator/platforms/sentinel_one/custom_types/__init__.py‎

Whitespace-only changes.

‎uncoder-core/app/translator/platforms/sentinel_one/custom_types/values.py‎

Lines changed: 0 additions & 5 deletions
This file was deleted.

‎uncoder-core/app/translator/platforms/sentinel_one/escape_manager.py‎

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,14 +3,12 @@
33
fromapp.translator.core.custom_types.valuesimportValueType
44
fromapp.translator.core.escape_managerimportEscapeManager
55
fromapp.translator.core.models.escape_detailsimportEscapeDetails
6-
fromapp.translator.platforms.sentinel_one.custom_types.valuesimportSentinelOneValueType
76

87

98
classSentinelOnePowerQueryEscapeManager(EscapeManager):
109
escape_map:ClassVar[dict[str,list[EscapeDetails]]]= {
1110
ValueType.value: [EscapeDetails(pattern=r"\\",escape_symbols=r"\\\\")],
1211
ValueType.regex_value: [EscapeDetails(pattern=r"([$^*+()\[\]{}|.?\-\\])",escape_symbols=r"\\\1")],
13-
SentinelOneValueType.double_escape_regex_value: [EscapeDetails(pattern=r"\\",escape_symbols=r"\\\\")],
1412
}
1513

1614

‎uncoder-core/app/translator/platforms/sentinel_one/mappings/__init__.py‎

Whitespace-only changes.

‎uncoder-core/app/translator/platforms/sentinel_one/mappings/s1_cti.py‎

Lines changed: 0 additions & 12 deletions
This file was deleted.

‎uncoder-core/app/translator/platforms/sentinel_one/renders/s1_cti.py‎

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,8 +20,7 @@
2020
fromapp.translator.core.models.platform_detailsimportPlatformDetails
2121
fromapp.translator.core.render_ctiimportRenderCTI
2222
fromapp.translator.managersimportrender_cti_manager
23-
fromapp.translator.platforms.sentinel_one.constimportsentinel_one_events_query_details
24-
fromapp.translator.platforms.sentinel_one.mappings.s1_ctiimportDEFAULT_S1EVENTS_MAPPING
23+
fromapp.translator.platforms.sentinel_one.constimportDEFAULT_S1EVENTS_CTI_MAPPING,sentinel_one_events_query_details
2524

2625

2726
@render_cti_manager.register
@@ -35,4 +34,4 @@ class S1EventsCTI(RenderCTI):
3534
result_join:str=""
3635
final_result_for_many:str="({result})\n"
3736
final_result_for_one:str="{result}\n"
38-
default_mapping=DEFAULT_S1EVENTS_MAPPING
37+
default_mapping=DEFAULT_S1EVENTS_CTI_MAPPING

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp