UncoderIO
diff --git a/‎uncoder-core/app/routers/translate.py
Lines changed: 7 additions & 1 deletion b/‎uncoder-core/app/routers/translate.py
Lines changed: 7 additions & 1 deletion
diff --git a/‎uncoder-core/app/translator/core/context_vars.py
Lines changed: 4 additions & 0 deletions b/‎uncoder-core/app/translator/core/context_vars.py
Lines changed: 4 additions & 0 deletions
diff --git a/‎uncoder-core/app/translator/core/render.py
Lines changed: 19 additions & 2 deletions b/‎uncoder-core/app/translator/core/render.py
Lines changed: 19 additions & 2 deletions
diff --git a/‎uncoder-core/app/translator/platforms/chronicle/renders/chronicle_rule.py
Lines changed: 5 additions & 7 deletions b/‎uncoder-core/app/translator/platforms/chronicle/renders/chronicle_rule.py
Lines changed: 5 additions & 7 deletions
diff --git a/‎uncoder-core/app/translator/platforms/elasticsearch/renders/detection_rule.py
Lines changed: 8 additions & 22 deletions b/‎uncoder-core/app/translator/platforms/elasticsearch/renders/detection_rule.py
Lines changed: 8 additions & 22 deletions
diff --git a/‎uncoder-core/app/translator/platforms/elasticsearch/renders/elast_alert.py
Lines changed: 5 additions & 10 deletions b/‎uncoder-core/app/translator/platforms/elasticsearch/renders/elast_alert.py
Lines changed: 5 additions & 10 deletions
diff --git a/‎uncoder-core/app/translator/platforms/elasticsearch/renders/kibana.py
Lines changed: 10 additions & 14 deletions b/‎uncoder-core/app/translator/platforms/elasticsearch/renders/kibana.py
Lines changed: 10 additions & 14 deletions
diff --git a/‎uncoder-core/app/translator/platforms/elasticsearch/renders/xpack_watcher.py
Lines changed: 9 additions & 14 deletions b/‎uncoder-core/app/translator/platforms/elasticsearch/renders/xpack_watcher.py
Lines changed: 9 additions & 14 deletions
@@ -1,6 +1,7 @@
 from fastapi import APIRouter, Body
 
 from app.models.translation import InfoMessage, OneTranslationData, Platform, TranslatorPlatforms
+from app.translator.core.context_vars import with_meta_info_annotation_ctx_var
 from app.translator.cti_translator import CTITranslator
 from app.translator.translator import Translator
 
@@ -15,7 +16,9 @@ def translate_one(
     source_platform_id: str = Body(..., embed=True),
     target_platform_id: str = Body(..., embed=True),
     text: str = Body(..., embed=True),
+    with_meta_info_annotation: bool = True,
 ) -> OneTranslationData:
+    with_meta_info_annotation_ctx_var.set(with_meta_info_annotation)
     status, data = translator.translate_one(text=text, source=source_platform_id, target=target_platform_id)
     if status:
         return OneTranslationData(status=status, translation=data, target_platform_id=target_platform_id)
@@ -27,8 +30,11 @@ def translate_one(
 @st_router.post("/translate/all", tags=["translator"], description="Generate all translations")
 @st_router.post("/translate/all/", include_in_schema=False)
 def translate_all(
-    source_platform_id: str = Body(..., embed=True), text: str = Body(..., embed=True)
+    source_platform_id: str = Body(..., embed=True),
+    text: str = Body(..., embed=True),
+    with_meta_info_annotation: bool = True,
 ) -> list[OneTranslationData]:
+    with_meta_info_annotation_ctx_var.set(with_meta_info_annotation)
     result = translator.translate_all(text=text, source=source_platform_id)
     translations = []
     for platform_result in result:
 
@@ -0,0 +1,4 @@
+from contextvars import ContextVar
+
+with_meta_info_annotation_ctx_var: ContextVar[bool] = ContextVar("with_meta_info_annotation_ctx_var", default=False)
+"""Set to True to return only the query, excluding meta information and comments."""
@@ -21,6 +21,7 @@
 from typing import Optional, Union
 
 from app.translator.const import DEFAULT_VALUE_TYPE
+from app.translator.core.context_vars import with_meta_info_annotation_ctx_var
 from app.translator.core.custom_types.tokens import LogicalOperatorType, OperatorType
 from app.translator.core.custom_types.values import ValueType
 from app.translator.core.escape_manager import EscapeManager
@@ -195,18 +196,34 @@ def wrap_query_with_meta_info(self, meta_info: MetaInfoContainer, query: str) ->
             query = f"{query}\n\n{query_meta_info}"
         return query
 
+    def render_query(
+        self,
+        prefix: str,
+        query: str,
+        functions: str,
+        meta_info: Optional[MetaInfoContainer] = None,  # noqa: ARG002
+        source_mapping: Optional[SourceMapping] = None,  # noqa: ARG002
+        *args,  # noqa: ARG002
+        **kwargs,  # noqa: ARG002
+    ) -> str:
+        return self.query_pattern.format(prefix=prefix, query=query, functions=functions).strip()
+
     def finalize_query(
         self,
         prefix: str,
         query: str,
         functions: str,
         meta_info: Optional[MetaInfoContainer] = None,
-        source_mapping: Optional[SourceMapping] = None,  # noqa: ARG002
+        source_mapping: Optional[SourceMapping] = None,
         not_supported_functions: Optional[list] = None,
         *args,  # noqa: ARG002
         **kwargs,  # noqa: ARG002
     ) -> str:
-        query = self.query_pattern.format(prefix=prefix, query=query, functions=functions).strip()
+        query = self.render_query(
+            prefix=prefix, query=query, functions=functions, meta_info=meta_info, source_mapping=source_mapping
+        )
+        if with_meta_info_annotation_ctx_var.get() is False:
+            return query
         query = self.wrap_query_with_meta_info(meta_info=meta_info, query=query)
         if not_supported_functions:
             rendered_not_supported = self.render_not_supported_functions(not_supported_functions)
 
@@ -27,8 +27,7 @@
 from app.translator.platforms.chronicle.const import DEFAULT_CHRONICLE_SECURITY_RULE, chronicle_rule_details
 from app.translator.platforms.chronicle.renders.chronicle import ChronicleFieldValue, ChronicleQueryRender
 
-_AUTOGENERATED_TITLE = "Autogenerated Chronicle Security rule"
-_AUTOGENERATED_DESCRIPTION = "Autogenerated Chronicle Security rule."
+_AUTOGENERATED_TEMPLATE = "Autogenerated Chronicle Security rule."
 
 
 class ChronicleRuleFieldValue(ChronicleFieldValue):
@@ -100,21 +99,20 @@ def prepare_title(title: str) -> str:
         new_title = new_title[index:]
         return new_title.strip("_")
 
-    def finalize_query(
+    def render_query(
         self,
         prefix: str,
         query: str,
         functions: str,
         meta_info: Optional[MetaInfoContainer] = None,
         source_mapping: Optional[SourceMapping] = None,  # noqa: ARG002
-        not_supported_functions: Optional[list] = None,  # noqa: ARG002,
         *args,  # noqa: ARG002
         **kwargs,  # noqa: ARG002
     ) -> str:
-        query = super().finalize_query(prefix=prefix, query=query, functions=functions)
+        query = super().render_query(prefix=prefix, query=query, functions=functions)
         rule = DEFAULT_CHRONICLE_SECURITY_RULE.replace("<query_placeholder>", query)
-        rule = rule.replace("<title_place_holder>", self.prepare_title(meta_info.title) or _AUTOGENERATED_TITLE)
-        description = meta_info.description or _AUTOGENERATED_DESCRIPTION
+        rule = rule.replace("<title_place_holder>", self.prepare_title(meta_info.title) or _AUTOGENERATED_TEMPLATE)
+        description = meta_info.description or _AUTOGENERATED_TEMPLATE
         rule = rule.replace("<author_place_holder>", meta_info.author)
         rule = rule.replace("<description_place_holder>", description)
         rule = rule.replace("<licence_place_holder>", meta_info.license)
 
@@ -18,10 +18,9 @@
 """
 
 import copy
+import json
 from typing import Optional, Union
 
-import ujson
-
 from app.translator.core.mapping import SourceMapping
 from app.translator.core.mitre import MitreConfig
 from app.translator.core.models.platform_details import PlatformDetails
@@ -33,6 +32,8 @@
     ElasticSearchQueryRender,
 )
 
+_AUTOGENERATED_TEMPLATE = "Autogenerated Elastic Rule"
+
 
 class ElasticSearchRuleFieldValue(ElasticSearchFieldValue):
     details: PlatformDetails = elasticsearch_rule_details
@@ -55,14 +56,6 @@ def __create_mitre_threat(self, mitre_attack: dict) -> Union[list, list[dict]]:
             return []
         threat = []
 
-        if not mitre_attack.get("tactics"):
-            for technique in mitre_attack.get("techniques"):
-                technique_name = technique["technique"]
-                if "." in technique_name:
-                    technique_name = technique_name[: technique_name.index(".")]
-                threat.append(technique_name)
-            return sorted(threat)
-
         for tactic in mitre_attack["tactics"]:
             tactic_render = {"id": tactic["external_id"], "name": tactic["tactic"], "reference": tactic["url"]}
             sub_threat = {"tactic": tactic_render, "framework": "MITRE ATT&CK", "technique": []}
@@ -84,26 +77,23 @@ def __create_mitre_threat(self, mitre_attack: dict) -> Union[list, list[dict]]:
 
         return sorted(threat, key=lambda x: x["tactic"]["id"])
 
-    def finalize_query(
+    def render_query(
         self,
         prefix: str,
         query: str,
         functions: str,
         meta_info: Optional[MetaInfoContainer] = None,
         source_mapping: Optional[SourceMapping] = None,  # noqa: ARG002
-        not_supported_functions: Optional[list] = None,
         *args,  # noqa: ARG002
         **kwargs,  # noqa: ARG002
     ) -> str:
-        query = super().finalize_query(prefix=prefix, query=query, functions=functions)
+        query = super().render_query(prefix=prefix, query=query, functions=functions)
         rule = copy.deepcopy(ELASTICSEARCH_DETECTION_RULE)
-        description = meta_info.description or rule["description"]
-
         rule.update(
             {
                 "query": query,
-                "description": description,
-                "name": meta_info.title,
+                "description": meta_info.description or rule["description"] or _AUTOGENERATED_TEMPLATE,
+                "name": meta_info.title or _AUTOGENERATED_TEMPLATE,
                 "rule_id": meta_info.id,
                 "author": [meta_info.author],
                 "severity": meta_info.severity,
@@ -114,8 +104,4 @@ def finalize_query(
                 "false_positives": meta_info.false_positives,
             }
         )
-        rule_str = ujson.dumps(rule, indent=4, sort_keys=False, ensure_ascii=False)
-        if not_supported_functions:
-            rendered_not_supported = self.render_not_supported_functions(not_supported_functions)
-            return rule_str + rendered_not_supported
-        return rule_str
+        return json.dumps(rule, indent=4, sort_keys=False, ensure_ascii=False)
@@ -16,7 +16,6 @@
 limitations under the License.
 -----------------------------------------------------------------
 """
-
 from typing import Optional
 
 from app.translator.core.custom_types.meta_info import SeverityType
@@ -31,6 +30,7 @@
 )
 from app.translator.tools.utils import get_rule_description_str
 
+_AUTOGENERATED_TEMPLATE = "Autogenerated ElastAlert"
 _SEVERITIES_MAP = {SeverityType.low: "4", SeverityType.medium: "3", SeverityType.high: "2", SeverityType.critical: "1"}
 
 
@@ -49,14 +49,13 @@ class ElastAlertRuleRender(ElasticSearchQueryRender):
     field_value_map = ElasticAlertRuleFieldValue(or_token=or_token)
     query_pattern = "{prefix} {query} {functions}"
 
-    def finalize_query(
+    def render_query(
         self,
         prefix: str,
         query: str,
         functions: str,
         meta_info: Optional[MetaInfoContainer] = None,
         source_mapping: Optional[SourceMapping] = None,  # noqa: ARG002
-        not_supported_functions: Optional[list] = None,
         *args,  # noqa: ARG002
         **kwargs,  # noqa: ARG002
     ) -> str:
@@ -66,14 +65,10 @@ def finalize_query(
             "<description_place_holder>",
             get_rule_description_str(
                 author=meta_info.author,
-                description=meta_info.description,
+                description=meta_info.description or _AUTOGENERATED_TEMPLATE,
                 license_=meta_info.license,
                 rule_id=meta_info.id,
             ),
         )
-        rule = rule.replace("<title_place_holder>", meta_info.title)
-        rule = rule.replace("<priority_place_holder>", _SEVERITIES_MAP[meta_info.severity])
-        if not_supported_functions:
-            rendered_not_supported = self.render_not_supported_functions(not_supported_functions)
-            return rule + rendered_not_supported
-        return rule
+        rule = rule.replace("<title_place_holder>", meta_info.title or _AUTOGENERATED_TEMPLATE)
+        return rule.replace("<priority_place_holder>", _SEVERITIES_MAP[meta_info.severity])
@@ -16,12 +16,10 @@
 limitations under the License.
 -----------------------------------------------------------------
 """
-
 import copy
+import json
 from typing import Optional
 
-import ujson
-
 from app.translator.core.mapping import SourceMapping
 from app.translator.core.models.platform_details import PlatformDetails
 from app.translator.core.models.query_container import MetaInfoContainer
@@ -33,6 +31,8 @@
 )
 from app.translator.tools.utils import get_rule_description_str
 
+_AUTOGENERATED_TEMPLATE = "Autogenerated Elastic Kibana Saved Search"
+
 
 class KibanaFieldValue(ElasticSearchFieldValue):
     details: PlatformDetails = kibana_rule_details
@@ -44,33 +44,29 @@ class KibanaRuleRender(ElasticSearchQueryRender):
     or_token = "OR"
     field_value_map = KibanaFieldValue(or_token=or_token)
 
-    def finalize_query(
+    def render_query(
         self,
         prefix: str,
         query: str,
         functions: str,
         meta_info: Optional[MetaInfoContainer] = None,
         source_mapping: Optional[SourceMapping] = None,  # noqa: ARG002
-        not_supported_functions: Optional[list] = None,
         *args,  # noqa: ARG002
         **kwargs,  # noqa: ARG002
     ) -> str:
-        query = super().finalize_query(prefix=prefix, query=query, functions=functions)
+        query = super().render_query(prefix=prefix, query=query, functions=functions)
         search_source = copy.deepcopy(KIBANA_SEARCH_SOURCE_JSON)
         search_source["query"]["query_string"]["query"] = query
-        dumped_rule = ujson.dumps(search_source, sort_keys=False, escape_forward_slashes=False)
+        dumped_rule = json.dumps(search_source, sort_keys=False)
         rule = copy.deepcopy(KIBANA_RULE)
         rule["_source"]["kibanaSavedObjectMeta"]["searchSourceJSON"] = dumped_rule
-        rule["_source"]["title"] = meta_info.title
+        rule["_source"]["title"] = meta_info.title or _AUTOGENERATED_TEMPLATE
+        descr = meta_info.description or rule["_source"]["description"] or _AUTOGENERATED_TEMPLATE
         rule["_source"]["description"] = get_rule_description_str(
-            description=meta_info.description or rule["_source"]["description"],
+            description=descr,
             author=meta_info.author,
             rule_id=meta_info.id,
             license_=meta_info.license,
             references=meta_info.references,
         )
-        rule_str = ujson.dumps(rule, indent=4, sort_keys=False)
-        if not_supported_functions:
-            rendered_not_supported = self.render_not_supported_functions(not_supported_functions)
-            return rule_str + rendered_not_supported
-        return rule_str
+        return json.dumps(rule, indent=4, sort_keys=False)
@@ -16,12 +16,10 @@
 limitations under the License.
 -----------------------------------------------------------------
 """
-
 import copy
+import json
 from typing import Optional
 
-import ujson
-
 from app.translator.core.mapping import SourceMapping
 from app.translator.core.models.platform_details import PlatformDetails
 from app.translator.core.models.query_container import MetaInfoContainer
@@ -33,6 +31,8 @@
 )
 from app.translator.tools.utils import get_rule_description_str
 
+_AUTOGENERATED_TEMPLATE = "Autogenerated Elastic Watcher"
+
 
 class XpackWatcherRuleFieldValue(ElasticSearchFieldValue):
     details: PlatformDetails = xpack_watcher_details
@@ -44,25 +44,24 @@ class XPackWatcherRuleRender(ElasticSearchQueryRender):
     or_token = "OR"
     field_value_map = XpackWatcherRuleFieldValue(or_token=or_token)
 
-    def finalize_query(
+    def render_query(
         self,
         prefix: str,
         query: str,
         functions: str,
         meta_info: Optional[MetaInfoContainer] = None,
         source_mapping: Optional[SourceMapping] = None,
-        not_supported_functions: Optional[list] = None,
         *args,  # noqa: ARG002
         **kwargs,  # noqa: ARG002
     ) -> str:
-        query = super().finalize_query(prefix=prefix, query=query, functions=functions)
+        query = super().render_query(prefix=prefix, query=query, functions=functions)
         rule = copy.deepcopy(XPACK_WATCHER_RULE)
         rule["metadata"].update(
             {
                 "query": query,
-                "title": meta_info.title,
+                "title": meta_info.title or _AUTOGENERATED_TEMPLATE,
                 "description": get_rule_description_str(
-                    description=meta_info.description,
+                    description=meta_info.description or _AUTOGENERATED_TEMPLATE,
                     author=meta_info.author,
                     license_=meta_info.license,
                     mitre_attack=meta_info.mitre_attack,
@@ -73,9 +72,5 @@ def finalize_query(
         rule["input"]["search"]["request"]["body"]["query"]["bool"]["must"][0]["query_string"]["query"] = query
         indices = source_mapping and [str(source_mapping.log_source_signature)] or []
         rule["input"]["search"]["request"]["indices"] = indices
-        rule["actions"]["send_email"]["email"]["subject"] = meta_info.title
-        rule_str = ujson.dumps(rule, indent=4, sort_keys=False)
-        if not_supported_functions:
-            rendered_not_supported = self.render_not_supported_functions(not_supported_functions)
-            return rule_str + rendered_not_supported
-        return rule_str
+        rule["actions"]["send_email"]["email"]["subject"] = meta_info.title or _AUTOGENERATED_TEMPLATE
+        return json.dumps(rule, indent=4, sort_keys=False)