
Commit 9a8bdba

authored
Merge branch 'main' into gis-8502
2 parents b3c577b + 2c82341 commit 9a8bdba


7 files changed

+65
-5
lines changed


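--- a/uncoder-core/app/translator/core/mapping.py
+++ b/uncoder-core/app/translator/core/mapping.py
@@ -116,7 +116,7 @@ def prepare_mapping(self) -> dict[str, SourceMapping]:
 default_mapping = SourceMapping(source_id=DEFAULT_MAPPING_NAME)
 for mapping_dict in self._loader.load_platform_mappings(self._platform_dir):
 log_source_signature = self.prepare_log_source_signature(mapping=mapping_dict)
-if (source_id := mapping_dict["source"]) == DEFAULT_MAPPING_NAME:
+if (source_id := mapping_dict.get("source")) == DEFAULT_MAPPING_NAME:
 default_mapping.log_source_signature = log_source_signature
 if self.skip_load_default_mappings:
 continue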
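Review bot: With `mapping_dict.get("source")` on new line 119, a platform mapping file that lacks a `source` key no longer raises; `source_id` becomes `None` and the loop carries on. The rest of the loop body is outside this hunk, so it presumably goes on to build and register a mapping under that `None` id, which may quietly change the field mapping used for a translated detection query instead of failing at load time. I would skip or reject the entry explicitly, e.g. `source_id = mapping_dict.get("source")` followed by `if not source_id: continue  # malformed mapping file: no "source" key`, placed before `prepare_log_source_signature` is called. The same silent-`None` pattern is introduced by `mapping.get("default_log_source")` on line 51 of platforms/base/aql/mapping.py, where the value is presumably passed on to `AQLLogSourceSignature`.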

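--- a/uncoder-core/app/translator/core/mitre.py
+++ b/uncoder-core/app/translator/core/mitre.py
@@ -189,7 +189,7 @@ def __load_mitre_configs_from_files(self) -> None:
 technique_id=technique_data["technique_id"],
 name=technique_data["technique"],
 url=technique_data["url"],
-tactic=technique_data["tactic"],
+tactic=technique_data.get("tactic", []),
 )
 self.techniques.insert(technique_id, technique)
 except JSONDecodeError: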
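Review bot: `technique_data.get("tactic", [])` on line 192 tolerates a missing `tactic`, but the three neighbouring fields (`technique_id`, `technique`, `url`) are still subscripted, so a record missing any of those still raises `KeyError`, which the `except JSONDecodeError` visible on line 195 does not catch (other handlers may follow outside the hunk). Either validate the record as a whole and skip it when a required key is absent, or state why only this key is optional with a comment such as `# some technique entries carry no "tactic"; treat as no tactics`. The empty default presumably also means such a technique loses its tactic links in the metadata of translated rules, which is worth a log line. The enclosing function starts before and continues after this hunk.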

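--- a/uncoder-core/app/translator/core/parser.py
+++ b/uncoder-core/app/translator/core/parser.py
@@ -83,4 +83,3 @@ def get_source_mappings(
 source_mappings = self.mappings.get_suitable_source_mappings(field_names=field_names, log_sources=log_sources)
 self.tokenizer.set_field_tokens_generic_names_map(field_tokens, source_mappings, self.mappings.default_mapping)
 return source_mappings
-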

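--- a/uncoder-core/app/translator/platforms/base/aql/mapping.py
+++ b/uncoder-core/app/translator/platforms/base/aql/mapping.py
@@ -48,7 +48,7 @@ class AQLMappings(BasePlatformMappings):
 
 def prepare_log_source_signature(self, mapping: dict) -> AQLLogSourceSignature:
 log_source = mapping.get("log_source", {})
-default_log_source = mapping["default_log_source"]
+default_log_source = mapping.get("default_log_source")
 return AQLLogSourceSignature(
 device_types=log_source.get("devicetype"),
 categories=log_source.get("category"),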
Lines changed: 55 additions & 0 deletions
@@ -0,0 +1,55 @@
1+
"""
2+
Uncoder IO Community Edition License
3+
-----------------------------------------------------------------
4+
Copyright (c) 2023 SOC Prime, Inc.
5+
6+
Licensed under the Apache License, Version 2.0 (the "License");
7+
you may not use this file except in compliance with the License.
8+
You may obtain a copy of the License at
9+
10+
http://www.apache.org/licenses/LICENSE-2.0
11+
12+
Unless required by applicable law or agreed to in writing, software
13+
distributed under the License is distributed on an "AS IS" BASIS,
14+
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
15+
See the License for the specific language governing permissions and
16+
limitations under the License.
17+
-----------------------------------------------------------------
18+
"""
19+
from typing import ClassVar
20+
21+
from app.translator.core.str_value_manager import BaseSpecSymbol, StrValue, StrValueManager, UnboundLenWildCard
22+
from app.translator.platforms.base.spl.escape_manager import spl_escape_manager
23+
24+
25+
class SplStrValueManager(StrValueManager):
26+
escape_manager = spl_escape_manager
27+
str_spec_symbols_map: ClassVar[dict[str, type[BaseSpecSymbol]]] = {"*": UnboundLenWildCard}
28+
29+
def from_str_to_container(self, value: str) -> StrValue:
30+
split = []
31+
prev_char = None
32+
for char in value:
33+
if char == "\\":
34+
if prev_char == "\\":
35+
split.append("\\")
36+
prev_char = None
37+
continue
38+
elif char in self.str_spec_symbols_map:
39+
if prev_char == "\\":
40+
split.append(char)
41+
else:
42+
split.append(self.str_spec_symbols_map[char]())
43+
elif char in ('"', "=", "|", "<", ">"):
44+
split.append(char)
45+
else:
46+
if prev_char == "\\":
47+
split.append(prev_char)
48+
split.append(char)
49+
50+
prev_char = char
51+
52+
return StrValue(self.escape_manager.remove_escape(value), self._concat(split))
53+
54+
55+
spl_str_value_manager = SplStrValueManager()
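Review bot: In `from_str_to_container`, a single backslash is only emitted once the following character arrives (the `else` branch on lines 45–48, reading the nesting as rendered), so a value that ends in a lone `\` loses it, because nothing after the loop flushes `prev_char`. A backslash before `"`, `=`, `|`, `<` or `>` is dropped as well, which looks like intended unescaping, but the trailing case changes the literal and may change what the translated query matches. Adding `if prev_char == "\\": split.append(prev_char)` between the loop and the `return` keeps the character. The method also has no docstring; one sentence saying which escape sequences are recognised and that `*` becomes `UnboundLenWildCard` unless preceded by a backslash would help the next reader.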

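--- a/uncoder-core/app/translator/platforms/sigma/parsers/sigma.py
+++ b/uncoder-core/app/translator/platforms/sigma/parsers/sigma.py
@@ -18,7 +18,6 @@
 """
 
 from datetime import timedelta
-from re import I
 from typing import Optional, Union
 
 from app.translator.core.exceptions.core import SigmaRuleValidationException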

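--- a/uncoder-core/app/translator/tools/utils.py
+++ b/uncoder-core/app/translator/tools/utils.py
@@ -4,6 +4,13 @@
 from typing import Optional
 
 
+def execute_module(path: str) -> None:
+with suppress(FileNotFoundError):
+spec = importlib.util.spec_from_file_location("__init__", path)
+init_module = importlib.util.module_from_spec(spec)
+spec.loader.exec_module(init_module)
+
+
 def execute_module(path: str) -> None:
 with suppress(FileNotFoundError):
 spec = importlib.util.spec_from_file_location("__init__", path)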
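Review bot: The `execute_module` added on lines 7–11 duplicates the definition that already starts on line 14 (its visible lines are identical), so the later `def` simply rebinds the name; this looks like a merge artifact and one copy should be dropped. Since `exec_module` runs whatever Python file `path` names, the surviving definition would also benefit from a docstring that states the trust assumption, e.g. `"""Execute the module file at *path*; callers must pass only trusted, project-owned paths. A missing file is ignored."""`. The body of the second definition continues past the end of this hunk.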
