second half of email.* mapping for elastic_ecs #1632
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## develop #1632 +/- ##
========================================
Coverage 86.01% 86.01%
========================================
Files 572 572
Lines 48710 48733 +23
========================================
+ Hits 41896 41919 +23
Misses 6814 6814 ☔ View full report in Codecov by Sentry. |
pcoccoli
approved these changes
Jan 5, 2024
mdazam1942
approved these changes
Jan 5, 2024
DerekRushton
pushed a commit
that referenced
this pull request
Jan 16, 2024
DerekRushton
added a commit
that referenced
this pull request
Jul 22, 2024
* CP4S-39527 Initial Translation Code - Draft * Tanium Threat Response * Fix Azure log analytics results translation. (#1612) Updating azure log analytics review comments. 1. Added transformer for converting int to float for latitude. 2.Updated TimestampConversion transformer to handle without milliseconds and added mappings for first and last observed. 3. Updated transformer to handle ConfidenceScore value is 'nan'. * Bump aioboto3 from 11.3.1 to 12.0.0 in /stix_shifter (#1611) Bumps [aioboto3](https://github.com/terrycain/aioboto3) from 11.3.1 to 12.0.0. - [Changelog](https://github.com/terrycain/aioboto3/blob/main/CHANGELOG.rst) - [Commits](terricain/aioboto3@v11.3.1...v12.0.0) --- updated-dependencies: - dependency-name: aioboto3 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump pyopenssl from 23.2.0 to 23.3.0 in /stix_shifter (#1610) Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 23.2.0 to 23.3.0. - [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst) - [Commits](pyca/pyopenssl@23.2.0...23.3.0) --- updated-dependencies: - dependency-name: pyopenssl dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * table of mapping script update for to-stix dialects (#1609) * Bump azure-identity from 1.14.1 to 1.15.0 in /stix_shifter (#1614) Bumps [azure-identity](https://github.com/Azure/azure-sdk-for-python) from 1.14.1 to 1.15.0. - [Release notes](https://github.com/Azure/azure-sdk-for-python/releases) - [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md) - [Commits](Azure/azure-sdk-for-python@azure-identity_1.14.1...azure-identity_1.15.0) --- updated-dependencies: - dependency-name: azure-identity dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Bump flatten-json from 0.1.13 to 0.1.14 in /stix_shifter (#1613) Bumps [flatten-json](https://github.com/amirziai/flatten) from 0.1.13 to 0.1.14. - [Release notes](https://github.com/amirziai/flatten/releases) - [Commits](https://github.com/amirziai/flatten/commits) --- updated-dependencies: - dependency-name: flatten-json dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update CHANGELOG.md for 6.3.0 * Cisco secure email added readme detailed file. (#1615) * Added tested communication code for Tanium * Added suggestions from Azam. * Fix parameter assignment in error handling function (#1616) * Remove future timestamp qualifier conditions (#1619) * Make sure certificate is verified when required by RestApiClientAsync (#1620) Deprecates selfSignedCert: false bypasss * Update CHANGELOG.md for 7.0.0 * add email-message translation to ecs (#1621) * Update group_ref keyword documenation (#1622) * Initial To Stix mapping - Event and Transformers * Another temporary commit to hold x-oca-event form * Finished up the to_stix mapping + test. * Removed additional event data. * Fixing the unittest failure * Another Attempt * Added the missing fields to the Tanium API response and request. * Updated toStix and fromStix * Update CHANGELOG.md for 7.0.1 * second half of email.* mapping for elastic_ecs (#1632) * Sysdig connector (#1630) * Update machine ID field in QRadar module (#1634) Co-authored-by: Kane Brennan <Kane.Brennan@ibm.com> * Sysdig Connector - Formatting issue in sysdig_supported_stix.md file corrected (#1635) * Added the readme (WIP) * Undid an unintended change. * Another Attempt to undo the change. * Removing one more unintended change. * One more unintended change. * Updated the sample for the unit test. * Azam's suggestions. * Cleaned out the testing code I had left. * Clean-up - Fixed up the readme. * Added Azam's suggestions * Cleaned the Json so it's standardized. * Removed the total size from the meta data as it's not needed. * Cleaning up some comments+fixed observation queries. Signed-off-by: DerekRushton <derek.rushton1@ibm.com> * Making the config values consistent. Signed-off-by: DerekRushton <derek.rushton1@ibm.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: DerekRushton <derek.rushton1@ibm.com> Co-authored-by: thangaraj-ramesh <92723742+thangaraj-ramesh@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Danny Elliott <danny.elliott@ibm.com> Co-authored-by: Md Azam <mdazam@ca.ibm.com> Co-authored-by: Xiaokui Shu <subbyte@gmail.com> Co-authored-by: Alex-Kidston <113187177+Alex-Kidston@users.noreply.github.com> Co-authored-by: Kane Brennan <Kane.Brennan@ibm.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Some important mapping improvements for email.*:
email.*in stix_transmission (this is a hidden filter for this connector only)