File tree Expand file tree Collapse file tree 2 files changed +17
-4
lines changed
uncoder-core/app/translator/platforms/sentinel_one Expand file tree Collapse file tree 2 files changed +17
-4
lines changed Original file line number Diff line number Diff line change 1+ from app .translator .core .models .platform_details import PlatformDetails
2+
3+
4+ PLATFORM_DETAILS = {"group_id" : "sentinel-one" , "group_name" : "SentinelOne" }
5+
16SENTINEL_ONE_EVENTS_QUERY_DETAILS = {
27 "platform_id" : "s1-events" ,
38 "name" : "SentinelOne Events Query" ,
4- "group_name" : "SentinelOne" ,
5- "group_id" : "sentinel-one" ,
69 "platform_name" : "Query (Events)" ,
10+ ** PLATFORM_DETAILS ,
711}
12+
13+ SENTINEL_ONE_POWER_QUERY_DETAILS = {
14+ "platform_id" : "sentinel-one-power-query" ,
15+ "name" : "SentinelOne Power Query" ,
16+ "platform_name" : "Power Query" ,
17+ ** PLATFORM_DETAILS ,
18+ }
19+
20+ sentinel_one_events_query_details = PlatformDetails (** SENTINEL_ONE_EVENTS_QUERY_DETAILS )
Original file line number Diff line number Diff line change 2020from app .translator .core .models .platform_details import PlatformDetails
2121from app .translator .core .render_cti import RenderCTI
2222from app .translator .managers import render_cti_manager
23- from app .translator .platforms .sentinel_one .const import SENTINEL_ONE_EVENTS_QUERY_DETAILS
23+ from app .translator .platforms .sentinel_one .const import sentinel_one_events_query_details
2424from app .translator .platforms .sentinel_one .mappings .s1_cti import DEFAULT_S1EVENTS_MAPPING
2525
2626
2727@render_cti_manager .register
2828class S1EventsCTI (RenderCTI ):
29- details : PlatformDetails = PlatformDetails ( ** SENTINEL_ONE_EVENTS_QUERY_DETAILS )
29+ details : PlatformDetails = sentinel_one_events_query_details
3030
3131 field_value_template : str = '"{value}"'
3232 or_operator : str = ", "
You can’t perform that action at this time.
0 commit comments