Skip to content

files structure refactoring #16

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 1 commit into from
Nov 28, 2023
Merged

files structure refactoring #16

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion siem-converter/app/converter/converter.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

from app.converter.platforms.roota.parsers.roota import RootAParser
from app.converter.core.exceptions.core import UnsupportedPlatform
from app.converter.core.operator_types.output import SiemContainer
from app.converter.core.models.parser_output import SiemContainer
from app.converter.managers import RenderManager, ParserManager, render_manager, parser_manager
from app.converter.tools.decorators import handle_translation_exceptions

Expand Down
0 ...converter/core/operator_types/__init__.py → ...p/converter/core/custom_types/__init__.py
View file
Open in desktop
File renamed without changes.
6 changes: 0 additions & 6 deletions ...p/converter/core/operator_types/tokens.py → ...app/converter/core/custom_types/tokens.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,6 @@ class OperatorType(CustomEnum):
GTE = ">="
EQ = "="
NEQ = "!="
COLON = ":"
CONTAINS = "contains"
STARTSWITH = "startswith"
ENDSWITH = "endswith"
Expand All @@ -25,8 +24,3 @@ class OperatorType(CustomEnum):
class GroupType(CustomEnum):
L_PAREN = "("
R_PAREN = ")"
GROUP = "group"


class ValidTokens(LogicalOperatorType, OperatorType, GroupType):
pass
2 changes: 1 addition & 1 deletion siem-converter/app/converter/core/mixins/operator.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
from typing import Union, List, Tuple

from app.converter.core.models.identifier import Identifier
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType


class WildCardMixin:
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/core/models/field.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

from app.converter.core.mapping import SourceMapping
from app.converter.core.models.identifier import Identifier
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType


class Field:
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/core/models/functions/table.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType


class TableField:
Expand Down
8 changes: 6 additions & 2 deletions siem-converter/app/converter/core/models/identifier.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,12 +1,16 @@
from dataclasses import dataclass

from app.converter.core.operator_types.tokens import ValidTokens
from app.converter.core.custom_types.tokens import LogicalOperatorType, OperatorType, GroupType


class _IdentifierTokenType(LogicalOperatorType, OperatorType, GroupType):
pass


@dataclass
class Identifier:
def __init__(self, *, token_type: str) -> None:
if token_type not in ValidTokens:
if token_type not in _IdentifierTokenType:
raise Exception(f"Unexpected token type: {token_type}")

self.token_type = token_type
Expand Down
0 ...p/converter/core/operator_types/output.py → ...pp/converter/core/models/parser_output.py
View file
Open in desktop
File renamed without changes.
2 changes: 1 addition & 1 deletion siem-converter/app/converter/core/parser.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from app.converter.core.mapping import BasePlatformMappings, SourceMapping
from app.converter.core.models.field import Field
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
from app.converter.core.tokenizer import QueryTokenizer, TOKEN_TYPE


Expand Down
4 changes: 2 additions & 2 deletions siem-converter/app/converter/core/render.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -26,8 +26,8 @@
from app.converter.core.models.field import Field, Keyword
from app.converter.core.models.functions.types import ParsedFunctions
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.operator_types.tokens import LogicalOperatorType, OperatorType, GroupType
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.core.custom_types.tokens import LogicalOperatorType, OperatorType, GroupType


class BaseQueryFieldValue(ABC):
Expand Down
4 changes: 2 additions & 2 deletions siem-converter/app/converter/core/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -27,8 +27,8 @@
from app.converter.core.mapping import SourceMapping, DEFAULT_MAPPING_NAME, BasePlatformMappings
from app.converter.core.models.field import Field, Keyword
from app.converter.core.models.identifier import Identifier
from app.converter.core.models.group import GroupType
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.platforms.sigma.models.group import GroupType
from app.converter.core.custom_types.tokens import OperatorType
from app.converter.tools.utils import get_match_group

TOKEN_TYPE = Union[Field, Keyword, Identifier]
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/athena/parsers/athena.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
from app.converter.platforms.athena.tokenizer import AthenaTokenizer
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class AthenaParser(Parser):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/athena/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@

from app.converter.core.models.identifier import Identifier
from app.converter.core.tokenizer import QueryTokenizer
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType
from app.converter.tools.utils import get_match_group


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/base/lucene/parsers/lucene.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@

from app.converter.platforms.base.lucene.tokenizer import LuceneTokenizer
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class LuceneParser(Parser):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/base/lucene/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
from app.converter.core.models.field import Keyword, Field
from app.converter.core.models.identifier import Identifier
from app.converter.core.tokenizer import QueryTokenizer
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType
from app.converter.tools.utils import get_match_group


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/base/spl/parsers/spl.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from app.converter.platforms.base.spl.tokenizer import SplTokenizer
from app.converter.core.models.functions.types import ParsedFunctions
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class SplParser(Parser):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/base/spl/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
from typing import Tuple, Any

from app.converter.core.tokenizer import QueryTokenizer
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType
from app.converter.tools.utils import get_match_group


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/chronicle/parsers/chronicle.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
from app.converter.platforms.chronicle.tokenizer import ChronicleQueryTokenizer
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class ChronicleParser(Parser):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/chronicle/parsers/chronicle_rule.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.core.exceptions.parser import TokenizerGeneralException
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class ChronicleRuleParser(Parser):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/chronicle/renders/chronicle_rule.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
from app.converter.platforms.chronicle.const import DEFAULT_CHRONICLE_SECURITY_RULE, chronicle_rule_details
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.tools.utils import concatenate_str, get_author_str

_AUTOGENERATED_TITLE = "Autogenerated Chronicle Security rule"
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/chronicle/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@

from app.converter.core.exceptions.parser import TokenizerGeneralException
from app.converter.core.tokenizer import QueryTokenizer
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType
from app.converter.tools.utils import get_match_group


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/elasticsearch/parsers/detection_rule.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from app.converter.platforms.elasticsearch.parsers.elasticsearch import ElasticSearchParser
from app.converter.core.mixins.rule import JsonRuleMixin
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class ElasticSearchRuleParser(ElasticSearchParser, JsonRuleMixin):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/elasticsearch/renders/detection_rule.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.platforms.elasticsearch.renders.elasticsearch import ElasticSearchQueryRender, ElasticSearchFieldValue
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.tools.utils import concatenate_str, get_mitre_attack_str


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/elasticsearch/renders/elast_alert.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from app.converter.platforms.elasticsearch.renders.elasticsearch import ElasticSearchQueryRender, ElasticSearchFieldValue
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.tools.utils import get_author_str, concatenate_str, get_mitre_attack_str, get_licence_str


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/elasticsearch/renders/kibana.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.platforms.elasticsearch.renders.elasticsearch import ElasticSearchQueryRender, ElasticSearchFieldValue
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.tools.utils import concatenate_str, get_author_str, get_licence_str, get_mitre_attack_str, \
get_rule_id_str, get_references_str

Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/elasticsearch/renders/xpack_watcher.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.platforms.elasticsearch.const import XPACK_WATCHER_RULE, xpack_watcher_details
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.tools.utils import concatenate_str, get_author_str, get_licence_str, get_mitre_attack_str


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/logscale/parsers/logscale.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.platforms.logscale.tokenizer import LogScaleTokenizer
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class LogScaleParser(Parser):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/logscale/parsers/logscale_alert.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from app.converter.platforms.logscale.parsers.logscale import LogScaleParser
from app.converter.core.mixins.rule import JsonRuleMixin
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class LogScaleAlertParser(LogScaleParser, JsonRuleMixin):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/logscale/renders/logscale.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from app.converter.platforms.logscale.mapping import LogScaleMappings, logscale_mappings
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.core.render import BaseQueryRender, BaseQueryFieldValue


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/logscale/renders/logscale_alert.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@
from app.converter.platforms.logscale.const import DEFAULT_LOGSCALE_ALERT, logscale_alert_details
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer


_AUTOGENERATED_TITLE = "Autogenerated Falcon LogScale Alert"
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/logscale/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@

from app.converter.core.models.field import Keyword, Field
from app.converter.core.models.identifier import Identifier
from app.converter.core.operator_types.tokens import GroupType, LogicalOperatorType, OperatorType
from app.converter.core.custom_types.tokens import GroupType, LogicalOperatorType, OperatorType
from app.converter.core.tokenizer import QueryTokenizer
from app.converter.tools.utils import get_match_group

Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.core.models.functions.types import ParsedFunctions
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class MicrosoftParser(Parser):
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/microsoft/parsers/microsoft_sentinel_rule.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@
from app.converter.platforms.microsoft.parsers.microsoft_sentinel import MicrosoftParser
from app.converter.core.mixins.rule import JsonRuleMixin
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer


class MicrosoftRuleParser(MicrosoftParser, JsonRuleMixin):
Expand Down
3 changes: 1 addition & 2 deletions siem-converter/app/converter/platforms/microsoft/renders/microsoft_sentinel_rule.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,6 @@

import copy
import json
import re

from app.converter.platforms.microsoft.renders.microsoft_sentinel import (
MicrosoftSentinelQueryRender,
Expand All @@ -28,7 +27,7 @@
from app.converter.platforms.microsoft.const import DEFAULT_MICROSOFT_SENTINEL_RULE, microsoft_sentinel_rule_details
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer
from app.converter.tools.utils import concatenate_str, get_author_str, get_licence_str


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/microsoft/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@

from app.converter.core.mixins.operator import OperatorBasedMixin
from app.converter.core.tokenizer import QueryTokenizer
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType
from app.converter.tools.utils import get_match_group


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/opensearch/renders/opensearch_rule.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.platforms.opensearch.renders.opensearch import OpenSearchQueryRender, OpenSearchFieldValue
from app.converter.core.mapping import SourceMapping
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.operator_types.output import MetaInfoContainer
from app.converter.core.models.parser_output import MetaInfoContainer


SEVERITIES_MAP = {"informational": "5", "low": "4", "medium": "3", "high": "2", "critical": "1"}
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/qradar/parsers/qradar.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,7 @@
from app.converter.platforms.qradar.tokenizer import QradarTokenizer
from app.converter.core.models.platform_details import PlatformDetails
from app.converter.core.parser import Parser
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
from app.converter.tools.utils import get_match_group


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/qradar/tokenizer.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@
from app.converter.core.models.field import Keyword
from app.converter.core.models.identifier import Identifier
from app.converter.core.tokenizer import QueryTokenizer
from app.converter.core.operator_types.tokens import OperatorType
from app.converter.core.custom_types.tokens import OperatorType
from app.converter.tools.utils import get_match_group


Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/roota/parsers/roota.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@

from app.converter.core.exceptions.core import UnsupportedRootAParser, RootARuleValidationException
from app.converter.core.mixins.rule import YamlRuleMixin
from app.converter.core.operator_types.output import SiemContainer, MetaInfoContainer
from app.converter.core.models.parser_output import SiemContainer, MetaInfoContainer
from app.converter.core.parser import Parser
from app.converter.managers import parser_manager

Expand Down
6 changes: 3 additions & 3 deletions ...-converter/app/converter/core/compiler.py → ...verter/platforms/sigma/models/compiler.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,10 +17,10 @@
"""

from app.converter.core.models.field import Field, Keyword
from app.converter.core.models.group import Group
from app.converter.platforms.sigma.models.group import Group
from app.converter.core.models.identifier import Identifier
from app.converter.core.models.operator import Operator, NOT
from app.converter.core.operator_types.tokens import LogicalOperatorType, GroupType
from app.converter.platforms.sigma.models.operator import Operator, NOT
from app.converter.core.custom_types.tokens import LogicalOperatorType, GroupType


class DataStructureCompiler:
Expand Down
4 changes: 1 addition & 3 deletions ...verter/app/converter/core/models/group.py → ...converter/platforms/sigma/models/group.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,9 +1,7 @@
from app.converter.core.models.operator import OR, AND, NOT
from app.converter.core.operator_types.tokens import GroupType
from app.converter.platforms.sigma.models.operator import OR, AND, NOT


class Group:
token_type = GroupType.GROUP
parent_group = []
sub_group = None
last_field = None
Expand Down
2 changes: 1 addition & 1 deletion siem-converter/app/converter/platforms/sigma/models/modifiers.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

from app.converter.core.models.field import Field
from app.converter.core.models.identifier import Identifier
from app.converter.core.operator_types.tokens import LogicalOperatorType, OperatorType, GroupType
from app.converter.core.custom_types.tokens import LogicalOperatorType, OperatorType, GroupType


class ModifierManager:
Expand Down
Loading
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy