forked from opensearch-project/security-analytics
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add an "exists" check for "not" condition in sigma rules (opensearch-…
…project#852) * test design Signed-off-by: Joanne Wang <jowg@amazon.com> * working version Signed-off-by: Joanne Wang <jowg@amazon.com> * cleaning up Signed-off-by: Joanne Wang <jowg@amazon.com> * testing Signed-off-by: Joanne Wang <jowg@amazon.com> * working version Signed-off-by: Joanne Wang <jowg@amazon.com> * working version Signed-off-by: Joanne Wang <jowg@amazon.com> * refactored querybackend Signed-off-by: Joanne Wang <jowg@amazon.com> * working on tests Signed-off-by: Joanne Wang <jowg@amazon.com> * fixed alerting and finding tests Signed-off-by: Joanne Wang <jowg@amazon.com> * fix correlation tests Signed-off-by: Joanne Wang <jowg@amazon.com> * working all tests Signed-off-by: Joanne Wang <jowg@amazon.com> * moved test and changed alias for adldap Signed-off-by: Joanne Wang <jowg@amazon.com> * added more tests Signed-off-by: Joanne Wang <jowg@amazon.com> * cleanup code Signed-off-by: Joanne Wang <jowg@amazon.com> * remove exists flag Signed-off-by: Joanne Wang <jowg@amazon.com> --------- Signed-off-by: Joanne Wang <jowg@amazon.com>
- Loading branch information
1 parent
689760e
commit 656a5fe
Showing
7 changed files
with
779 additions
and
89 deletions.
There are no files selected for viewing
142 changes: 105 additions & 37 deletions
142
src/main/java/org/opensearch/securityanalytics/rules/backend/OSQueryBackend.java
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.