diff --git a/uncoder-core/app/translator/core/render.py b/uncoder-core/app/translator/core/render.py
index 22828b4f..4a4ff55f 100644
--- a/uncoder-core/app/translator/core/render.py
+++ b/uncoder-core/app/translator/core/render.py
@@ -300,8 +300,9 @@ def _generate_from_tokenized_query_container(self, query_container: TokenizedQue
for source_mapping in source_mappings:
prefix = self.generate_prefix(source_mapping.log_source_signature)
if source_mapping.raw_log_fields:
- defined_raw_log_fields = self.generate_raw_log_fields(fields=query_container.meta_info.query_fields,
- source_mapping=source_mapping)
+ defined_raw_log_fields = self.generate_raw_log_fields(
+ fields=query_container.meta_info.query_fields, source_mapping=source_mapping
+ )
prefix += f"\n{defined_raw_log_fields}\n"
result = self.generate_query(tokens=query_container.tokens, source_mapping=source_mapping)
rendered_functions = self.generate_functions(query_container.functions.functions, source_mapping)
diff --git a/uncoder-core/app/translator/platforms/logrhythm_axon/renders/logrhythm_axon_query.py b/uncoder-core/app/translator/platforms/logrhythm_axon/renders/logrhythm_axon_query.py
index 3b561065..2291469f 100644
--- a/uncoder-core/app/translator/platforms/logrhythm_axon/renders/logrhythm_axon_query.py
+++ b/uncoder-core/app/translator/platforms/logrhythm_axon/renders/logrhythm_axon_query.py
@@ -186,6 +186,12 @@ def regex_modifier(self, field: str, value: DEFAULT_VALUE_TYPE) -> str:
return self.contains_modifier(field, value)
return f'{field} matches "{value}"'
+ def keywords(self, field: str, value: DEFAULT_VALUE_TYPE) -> str: # noqa: ARG002
+ if isinstance(value, list):
+ rendered_keywords = [f'{UNMAPPED_FIELD_DEFAULT_NAME} CONTAINS "{v}"' for v in value]
+ return f"({self.or_token.join(rendered_keywords)})"
+ return f'{UNMAPPED_FIELD_DEFAULT_NAME} CONTAINS "{value}"'
+
class LogRhythmAxonQueryRender(PlatformQueryRender):
details: PlatformDetails = logrhythm_axon_query_details
diff --git a/uncoder-core/app/translator/platforms/microsoft/renders/microsoft_sentinel.py b/uncoder-core/app/translator/platforms/microsoft/renders/microsoft_sentinel.py
index 21920aa4..14e6e8ee 100644
--- a/uncoder-core/app/translator/platforms/microsoft/renders/microsoft_sentinel.py
+++ b/uncoder-core/app/translator/platforms/microsoft/renders/microsoft_sentinel.py
@@ -110,10 +110,10 @@ def keywords(self, field: str, value: DEFAULT_VALUE_TYPE) -> str:
return f"({self.or_token.join(self.keywords(field=field, value=v) for v in value)})"
return f"* contains @'{self.__escape_value(value)}'"
- def is_none(self, field: str, value: Union[str, int]) -> str:
+ def is_none(self, field: str, value: Union[str, int]) -> str: # noqa: ARG002
return f"isempty({self.apply_value(value)})"
- def is_not_none(self, field: str, value: Union[str, int]) -> str:
+ def is_not_none(self, field: str, value: Union[str, int]) -> str: # noqa: ARG002
return f"isnotempty({self.apply_value(value)})"
diff --git a/uncoder-core/app/translator/platforms/palo_alto/renders/cortex_xsiam.py b/uncoder-core/app/translator/platforms/palo_alto/renders/cortex_xsiam.py
index aaebb93e..33f2d5cf 100644
--- a/uncoder-core/app/translator/platforms/palo_alto/renders/cortex_xsiam.py
+++ b/uncoder-core/app/translator/platforms/palo_alto/renders/cortex_xsiam.py
@@ -35,7 +35,7 @@ class CortexXSIAMFieldValue(BaseQueryFieldValue):
def equal_modifier(self, field: str, value: DEFAULT_VALUE_TYPE) -> str:
if isinstance(value, list):
values = ", ".join(f'"{v}"' for v in value)
- return f'{field} in ({values})'
+ return f"{field} in ({values})"
if isinstance(value, int):
return f"{field} = {value}"
return f'{field} = "{value}"'
@@ -111,6 +111,14 @@ class CortexXQLQueryRender(PlatformQueryRender):
is_multi_line_comment = False
def generate_prefix(self, log_source_signature: LogSourceSignature) -> str:
- preset = f"preset = {log_source_signature._default_source.get('preset')}" if log_source_signature._default_source.get('preset') else None
- dataset = f"dataset = {log_source_signature._default_source.get('dataset')}" if log_source_signature._default_source.get('dataset') else None
+ preset = (
+ f"preset = {log_source_signature._default_source.get('preset')}"
+ if log_source_signature._default_source.get("preset")
+ else None
+ )
+ dataset = (
+ f"dataset = {log_source_signature._default_source.get('dataset')}"
+ if log_source_signature._default_source.get("dataset")
+ else None
+ )
return preset or dataset or "datamodel"
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy