From 7c7904265ac5d89646b9723a8b28fcff7c559f09 Mon Sep 17 00:00:00 2001 
From: patel-bhavin <7771446+patel-bhavin@users.noreply.github.com>
Date: Wed, 8 Jan 2025 06:58:09 +0000
Subject: [PATCH 1/8] Updated TAs
---
 contentctl.yml | 8 ++++----
 data_sources/aws_cloudfront.yml | 2 +-
 data_sources/aws_cloudtrail.yml | 2 +-
 data_sources/aws_cloudtrail_assumerolewithsaml.yml | 2 +-
 data_sources/aws_cloudtrail_consolelogin.yml | 2 +-
 data_sources/aws_cloudtrail_copyobject.yml | 2 +-
 data_sources/aws_cloudtrail_createaccesskey.yml | 2 +-
 data_sources/aws_cloudtrail_createkey.yml | 2 +-
 data_sources/aws_cloudtrail_createloginprofile.yml | 2 +-
 data_sources/aws_cloudtrail_createnetworkaclentry.yml | 2 +-
 data_sources/aws_cloudtrail_createpolicyversion.yml | 2 +-
 data_sources/aws_cloudtrail_createsnapshot.yml | 2 +-
 data_sources/aws_cloudtrail_createtask.yml | 2 +-
 data_sources/aws_cloudtrail_createvirtualmfadevice.yml | 2 +-
 data_sources/aws_cloudtrail_deactivatemfadevice.yml | 2 +-
 .../aws_cloudtrail_deleteaccountpasswordpolicy.yml | 2 +-
 data_sources/aws_cloudtrail_deletealarms.yml | 2 +-
 data_sources/aws_cloudtrail_deletedetector.yml | 2 +-
 data_sources/aws_cloudtrail_deletegroup.yml | 2 +-
 data_sources/aws_cloudtrail_deleteipset.yml | 2 +-
 data_sources/aws_cloudtrail_deleteloggroup.yml | 2 +-
 data_sources/aws_cloudtrail_deletelogstream.yml | 2 +-
 data_sources/aws_cloudtrail_deletenetworkaclentry.yml | 2 +-
 data_sources/aws_cloudtrail_deletepolicy.yml | 2 +-
 data_sources/aws_cloudtrail_deleterule.yml | 2 +-
 data_sources/aws_cloudtrail_deletesnapshot.yml | 2 +-
 data_sources/aws_cloudtrail_deletetrail.yml | 2 +-
 data_sources/aws_cloudtrail_deletevirtualmfadevice.yml | 2 +-
 data_sources/aws_cloudtrail_deletewebacl.yml | 2 +-
 data_sources/aws_cloudtrail_describeeventaggregates.yml | 2 +-
 data_sources/aws_cloudtrail_describeimagescanfindings.yml | 2 +-
 data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml | 2 +-
 data_sources/aws_cloudtrail_getobject.yml | 2 +-
 data_sources/aws_cloudtrail_getpassworddata.yml | 2 +-
 data_sources/aws_cloudtrail_jobcreated.yml | 2 +-
 data_sources/aws_cloudtrail_modifydbinstance.yml | 2 +-
 data_sources/aws_cloudtrail_modifyimageattribute.yml | 2 +-
 data_sources/aws_cloudtrail_modifysnapshotattribute.yml | 2 +-
 data_sources/aws_cloudtrail_putbucketacl.yml | 2 +-
 data_sources/aws_cloudtrail_putbucketlifecycle.yml | 2 +-
 data_sources/aws_cloudtrail_putbucketreplication.yml | 2 +-
 data_sources/aws_cloudtrail_putbucketversioning.yml | 2 +-
 data_sources/aws_cloudtrail_putimage.yml | 2 +-
 data_sources/aws_cloudtrail_putkeypolicy.yml | 2 +-
 data_sources/aws_cloudtrail_replacenetworkaclentry.yml | 2 +-
 data_sources/aws_cloudtrail_setdefaultpolicyversion.yml | 2 +-
 data_sources/aws_cloudtrail_stoplogging.yml | 2 +-
 .../aws_cloudtrail_updateaccountpasswordpolicy.yml | 2 +-
 data_sources/aws_cloudtrail_updateloginprofile.yml | 2 +-
 data_sources/aws_cloudtrail_updatesamlprovider.yml | 2 +-
 data_sources/aws_cloudtrail_updatetrail.yml | 2 +-
 data_sources/aws_cloudwatchlogs_vpcflow.yml | 2 +-
 data_sources/aws_security_hub.yml | 2 +-
 data_sources/o365.yml | 2 +-
 .../o365_add_app_role_assignment_grant_to_user_.yml | 2 +-
 ...o365_add_app_role_assignment_to_service_principal_.yml | 2 +-
 data_sources/o365_add_mailboxpermission.yml | 2 +-
 data_sources/o365_add_member_to_role_.yml | 2 +-
 data_sources/o365_add_owner_to_application_.yml | 2 +-
 data_sources/o365_add_service_principal_.yml | 2 +-
 data_sources/o365_change_user_license_.yml | 2 +-
 data_sources/o365_consent_to_application_.yml | 2 +-
 data_sources/o365_disable_strong_authentication_.yml | 2 +-
 data_sources/o365_mailitemsaccessed.yml | 2 +-
 data_sources/o365_modifyfolderpermissions.yml | 2 +-
 data_sources/o365_set_company_information_.yml | 2 +-
 data_sources/o365_set_mailbox.yml | 2 +-
 data_sources/o365_update_application_.yml | 2 +-
 data_sources/o365_update_authorization_policy_.yml | 2 +-
 data_sources/o365_update_user_.yml | 2 +-
 data_sources/o365_userloggedin.yml | 2 +-
 data_sources/o365_userloginfailed.yml | 2 +-
 72 files changed, 75 insertions(+), 75 deletions(-)
diff --git a/contentctl.yml b/contentctl.yml
index 5f224e985d..203318285b 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -137,9 +137,9 @@ apps:
 - uid: 1876
 title: Splunk Add-on for AWS
 appid: Splunk_TA_aws
- version: 7.8.0
+ version: 7.9.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_780.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_790.tgz
 - uid: 3088
 title: Splunk Add-on for Google Cloud Platform
 appid: SPLUNK_ADD_ON_FOR_GOOGLE_CLOUD_PLATFORM
@@ -161,9 +161,9 @@ apps:
 - uid: 4055
 title: Splunk Add-on for Microsoft Office 365
 appid: SPLUNK_ADD_ON_FOR_MICROSOFT_OFFICE_365
- version: 4.6.0
+ version: 4.7.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_460.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-microsoft-office-365_470.tgz
 - uid: 2890
 title: Splunk Machine Learning Toolkit
 appid: SPLUNK_MACHINE_LEARNING_TOOLKIT
diff --git a/data_sources/aws_cloudfront.yml b/data_sources/aws_cloudfront.yml
index 1400f32c2f..c4f146026d 100644
--- a/data_sources/aws_cloudfront.yml
+++ b/data_sources/aws_cloudfront.yml
@@ -9,7 +9,7 @@ sourcetype: aws:cloudfront:accesslogs
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail.yml b/data_sources/aws_cloudtrail.yml
index c78b3aa32c..af1afc59c0 100644
--- a/data_sources/aws_cloudtrail.yml
+++ b/data_sources/aws_cloudtrail.yml
@@ -10,4 +10,4 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
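Review bot: The two `hardcoded_path` values changed in contentctl.yml (uid 1876 and uid 4055) point at `.tgz` archives in an S3 bucket, and nothing in either app entry pins the archive's content; each entry runs straight from `hardcoded_path` to the next `- uid`. A replaced or mis-uploaded object under the same key would be picked up unnoticed, so I would record the expected digest beside the URL, for example a comment `# sha256: <SHA256_OF_ARCHIVE>` (placeholder), and have the step that fetches the archive compare it, assuming contentctl does not already verify downloads somewhere not visible here. The object name is also maintained by hand separately from `version`: PATCH 2/8 has to correct this same path to `...-(aws)_790.tgz`, and the unencoded parentheses in that URL are worth checking against whatever client performs the download.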
diff --git a/data_sources/aws_cloudtrail_assumerolewithsaml.yml b/data_sources/aws_cloudtrail_assumerolewithsaml.yml
index 72a59101ec..ef4041930f 100644
--- a/data_sources/aws_cloudtrail_assumerolewithsaml.yml
+++ b/data_sources/aws_cloudtrail_assumerolewithsaml.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_consolelogin.yml b/data_sources/aws_cloudtrail_consolelogin.yml
index 58c0680484..0ddc77ce93 100644
--- a/data_sources/aws_cloudtrail_consolelogin.yml
+++ b/data_sources/aws_cloudtrail_consolelogin.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_copyobject.yml b/data_sources/aws_cloudtrail_copyobject.yml
index af436ffcae..44fabed1bb 100644
--- a/data_sources/aws_cloudtrail_copyobject.yml
+++ b/data_sources/aws_cloudtrail_copyobject.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_createaccesskey.yml b/data_sources/aws_cloudtrail_createaccesskey.yml
index ee16fdf61e..4834e03b5d 100644
--- a/data_sources/aws_cloudtrail_createaccesskey.yml
+++ b/data_sources/aws_cloudtrail_createaccesskey.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createkey.yml b/data_sources/aws_cloudtrail_createkey.yml
index e2e5558352..8c2aa289b1 100644
--- a/data_sources/aws_cloudtrail_createkey.yml
+++ b/data_sources/aws_cloudtrail_createkey.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_createloginprofile.yml b/data_sources/aws_cloudtrail_createloginprofile.yml
index 58af82c30a..7f09482a94 100644
--- a/data_sources/aws_cloudtrail_createloginprofile.yml
+++ b/data_sources/aws_cloudtrail_createloginprofile.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createnetworkaclentry.yml b/data_sources/aws_cloudtrail_createnetworkaclentry.yml
index 9b9691d078..b9eb2d9e66 100644
--- a/data_sources/aws_cloudtrail_createnetworkaclentry.yml
+++ b/data_sources/aws_cloudtrail_createnetworkaclentry.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createpolicyversion.yml b/data_sources/aws_cloudtrail_createpolicyversion.yml
index d0460c7249..49b4ea9e54 100644
--- a/data_sources/aws_cloudtrail_createpolicyversion.yml
+++ b/data_sources/aws_cloudtrail_createpolicyversion.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_createsnapshot.yml b/data_sources/aws_cloudtrail_createsnapshot.yml
index a2399c10fc..d8140341e4 100644
--- a/data_sources/aws_cloudtrail_createsnapshot.yml
+++ b/data_sources/aws_cloudtrail_createsnapshot.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_createtask.yml b/data_sources/aws_cloudtrail_createtask.yml
index d3d9b4ab0f..64c885e902 100644
--- a/data_sources/aws_cloudtrail_createtask.yml
+++ b/data_sources/aws_cloudtrail_createtask.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_createvirtualmfadevice.yml b/data_sources/aws_cloudtrail_createvirtualmfadevice.yml
index fc456a999f..579ea87956 100644
--- a/data_sources/aws_cloudtrail_createvirtualmfadevice.yml
+++ b/data_sources/aws_cloudtrail_createvirtualmfadevice.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deactivatemfadevice.yml b/data_sources/aws_cloudtrail_deactivatemfadevice.yml
index 3c92dc2d44..bfef68070f 100644
--- a/data_sources/aws_cloudtrail_deactivatemfadevice.yml
+++ b/data_sources/aws_cloudtrail_deactivatemfadevice.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml
index ee3b0b9c82..3998089a44 100644
--- a/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml
+++ b/data_sources/aws_cloudtrail_deleteaccountpasswordpolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletealarms.yml b/data_sources/aws_cloudtrail_deletealarms.yml
index 98d2395efb..d7b436d019 100644
--- a/data_sources/aws_cloudtrail_deletealarms.yml
+++ b/data_sources/aws_cloudtrail_deletealarms.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletedetector.yml b/data_sources/aws_cloudtrail_deletedetector.yml
index ce9406543a..df3b6cea4e 100644
--- a/data_sources/aws_cloudtrail_deletedetector.yml
+++ b/data_sources/aws_cloudtrail_deletedetector.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_deletegroup.yml b/data_sources/aws_cloudtrail_deletegroup.yml
index 688e96e193..f383f21440 100644
--- a/data_sources/aws_cloudtrail_deletegroup.yml
+++ b/data_sources/aws_cloudtrail_deletegroup.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deleteipset.yml b/data_sources/aws_cloudtrail_deleteipset.yml
index 1f76149345..9e70698a5f 100644
--- a/data_sources/aws_cloudtrail_deleteipset.yml
+++ b/data_sources/aws_cloudtrail_deleteipset.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_deleteloggroup.yml b/data_sources/aws_cloudtrail_deleteloggroup.yml
index 31b740396c..936f52788a 100644
--- a/data_sources/aws_cloudtrail_deleteloggroup.yml
+++ b/data_sources/aws_cloudtrail_deleteloggroup.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_deletelogstream.yml b/data_sources/aws_cloudtrail_deletelogstream.yml
index 4841aec219..591ea64693 100644
--- a/data_sources/aws_cloudtrail_deletelogstream.yml
+++ b/data_sources/aws_cloudtrail_deletelogstream.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_deletenetworkaclentry.yml b/data_sources/aws_cloudtrail_deletenetworkaclentry.yml
index 8c53796b86..7c0003f08b 100644
--- a/data_sources/aws_cloudtrail_deletenetworkaclentry.yml
+++ b/data_sources/aws_cloudtrail_deletenetworkaclentry.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletepolicy.yml b/data_sources/aws_cloudtrail_deletepolicy.yml
index 096c4026e2..44cd10188c 100644
--- a/data_sources/aws_cloudtrail_deletepolicy.yml
+++ b/data_sources/aws_cloudtrail_deletepolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deleterule.yml b/data_sources/aws_cloudtrail_deleterule.yml
index f2b725a0e0..545fbcec9a 100644
--- a/data_sources/aws_cloudtrail_deleterule.yml
+++ b/data_sources/aws_cloudtrail_deleterule.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_deletesnapshot.yml b/data_sources/aws_cloudtrail_deletesnapshot.yml
index 82866ae3d2..6b586a2a3e 100644
--- a/data_sources/aws_cloudtrail_deletesnapshot.yml
+++ b/data_sources/aws_cloudtrail_deletesnapshot.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletetrail.yml b/data_sources/aws_cloudtrail_deletetrail.yml
index 88bf30f9f2..1555fafdac 100644
--- a/data_sources/aws_cloudtrail_deletetrail.yml
+++ b/data_sources/aws_cloudtrail_deletetrail.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml b/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml
index d2f8003473..e03ef28b7d 100644
--- a/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml
+++ b/data_sources/aws_cloudtrail_deletevirtualmfadevice.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_deletewebacl.yml b/data_sources/aws_cloudtrail_deletewebacl.yml
index f92db83a7e..2368ae2314 100644
--- a/data_sources/aws_cloudtrail_deletewebacl.yml
+++ b/data_sources/aws_cloudtrail_deletewebacl.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - apiVersion
diff --git a/data_sources/aws_cloudtrail_describeeventaggregates.yml b/data_sources/aws_cloudtrail_describeeventaggregates.yml
index a5e0230d21..ae72fb9931 100644
--- a/data_sources/aws_cloudtrail_describeeventaggregates.yml
+++ b/data_sources/aws_cloudtrail_describeeventaggregates.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_describeimagescanfindings.yml b/data_sources/aws_cloudtrail_describeimagescanfindings.yml
index cf68317cb3..79696cbffc 100644
--- a/data_sources/aws_cloudtrail_describeimagescanfindings.yml
+++ b/data_sources/aws_cloudtrail_describeimagescanfindings.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml
index 793f643fe7..376fecc828 100644
--- a/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml
+++ b/data_sources/aws_cloudtrail_getaccountpasswordpolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_getobject.yml b/data_sources/aws_cloudtrail_getobject.yml
index f0df3b9d63..27d29dea5d 100644
--- a/data_sources/aws_cloudtrail_getobject.yml
+++ b/data_sources/aws_cloudtrail_getobject.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_getpassworddata.yml b/data_sources/aws_cloudtrail_getpassworddata.yml
index 43085b0811..fc6857d804 100644
--- a/data_sources/aws_cloudtrail_getpassworddata.yml
+++ b/data_sources/aws_cloudtrail_getpassworddata.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_jobcreated.yml b/data_sources/aws_cloudtrail_jobcreated.yml
index 5b07052a21..b33710f139 100644
--- a/data_sources/aws_cloudtrail_jobcreated.yml
+++ b/data_sources/aws_cloudtrail_jobcreated.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_modifydbinstance.yml b/data_sources/aws_cloudtrail_modifydbinstance.yml
index 5aa82d23e4..813b021c40 100644
--- a/data_sources/aws_cloudtrail_modifydbinstance.yml
+++ b/data_sources/aws_cloudtrail_modifydbinstance.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_modifyimageattribute.yml b/data_sources/aws_cloudtrail_modifyimageattribute.yml
index 0cca19f5ba..e73a70ec35 100644
--- a/data_sources/aws_cloudtrail_modifyimageattribute.yml
+++ b/data_sources/aws_cloudtrail_modifyimageattribute.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_modifysnapshotattribute.yml b/data_sources/aws_cloudtrail_modifysnapshotattribute.yml
index b71ea90df8..373a15ede9 100644
--- a/data_sources/aws_cloudtrail_modifysnapshotattribute.yml
+++ b/data_sources/aws_cloudtrail_modifysnapshotattribute.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_putbucketacl.yml b/data_sources/aws_cloudtrail_putbucketacl.yml
index 072a543d8b..10765a8703 100644
--- a/data_sources/aws_cloudtrail_putbucketacl.yml
+++ b/data_sources/aws_cloudtrail_putbucketacl.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_putbucketlifecycle.yml b/data_sources/aws_cloudtrail_putbucketlifecycle.yml
index dd1735e739..c9d8491a16 100644
--- a/data_sources/aws_cloudtrail_putbucketlifecycle.yml
+++ b/data_sources/aws_cloudtrail_putbucketlifecycle.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_putbucketreplication.yml b/data_sources/aws_cloudtrail_putbucketreplication.yml
index 750030b709..50c9bb4051 100644
--- a/data_sources/aws_cloudtrail_putbucketreplication.yml
+++ b/data_sources/aws_cloudtrail_putbucketreplication.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_putbucketversioning.yml b/data_sources/aws_cloudtrail_putbucketversioning.yml
index 84822548b5..4d928ee0d2 100644
--- a/data_sources/aws_cloudtrail_putbucketversioning.yml
+++ b/data_sources/aws_cloudtrail_putbucketversioning.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - additionalEventData.AuthenticationMethod
diff --git a/data_sources/aws_cloudtrail_putimage.yml b/data_sources/aws_cloudtrail_putimage.yml
index e58d7beaf2..707c03fcf6 100644
--- a/data_sources/aws_cloudtrail_putimage.yml
+++ b/data_sources/aws_cloudtrail_putimage.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_putkeypolicy.yml b/data_sources/aws_cloudtrail_putkeypolicy.yml
index 884fde1d98..9b2786fadb 100644
--- a/data_sources/aws_cloudtrail_putkeypolicy.yml
+++ b/data_sources/aws_cloudtrail_putkeypolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_replacenetworkaclentry.yml b/data_sources/aws_cloudtrail_replacenetworkaclentry.yml
index 0971fe7242..4ce1405960 100644
--- a/data_sources/aws_cloudtrail_replacenetworkaclentry.yml
+++ b/data_sources/aws_cloudtrail_replacenetworkaclentry.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml b/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml
index e6203dfbf5..9797971379 100644
--- a/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml
+++ b/data_sources/aws_cloudtrail_setdefaultpolicyversion.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_stoplogging.yml b/data_sources/aws_cloudtrail_stoplogging.yml
index 40f573bf75..f285ce143e 100644
--- a/data_sources/aws_cloudtrail_stoplogging.yml
+++ b/data_sources/aws_cloudtrail_stoplogging.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml b/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml
index 302b3d86f2..de90a002fe 100644
--- a/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml
+++ b/data_sources/aws_cloudtrail_updateaccountpasswordpolicy.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_updateloginprofile.yml b/data_sources/aws_cloudtrail_updateloginprofile.yml
index ec0fb755c7..6978637a08 100644
--- a/data_sources/aws_cloudtrail_updateloginprofile.yml
+++ b/data_sources/aws_cloudtrail_updateloginprofile.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_updatesamlprovider.yml b/data_sources/aws_cloudtrail_updatesamlprovider.yml
index 089450c766..2f2cd5b188 100644
--- a/data_sources/aws_cloudtrail_updatesamlprovider.yml
+++ b/data_sources/aws_cloudtrail_updatesamlprovider.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - action
diff --git a/data_sources/aws_cloudtrail_updatetrail.yml b/data_sources/aws_cloudtrail_updatetrail.yml
index 77e7134208..f22ec6b7ba 100644
--- a/data_sources/aws_cloudtrail_updatetrail.yml
+++ b/data_sources/aws_cloudtrail_updatetrail.yml
@@ -10,7 +10,7 @@ separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - app
diff --git a/data_sources/aws_cloudwatchlogs_vpcflow.yml b/data_sources/aws_cloudwatchlogs_vpcflow.yml
index 826f3aa9ed..b20242046f 100644
--- a/data_sources/aws_cloudwatchlogs_vpcflow.yml
+++ b/data_sources/aws_cloudwatchlogs_vpcflow.yml
@@ -9,7 +9,7 @@ sourcetype: aws:cloudwatchlogs:vpcflow
 separator: eventName
 supported_TA:
 - name: Splunk Add-on for AWS
- version: 7.8.0
+ version: 7.9.0
 url: https://splunkbase.splunk.com/app/1876
 fields:
 - _raw
diff --git a/data_sources/aws_security_hub.yml b/data_sources/aws_security_hub.yml
index ad32432bb8..5d4d52b2e7 100644
--- a/data_sources/aws_security_hub.yml
+++ b/data_sources/aws_security_hub.yml
@@ -9,7 +9,7 @@ sourcetype: aws:securityhub:finding
 supported_TA:
 - name: Splunk Add-on for AWS
 url: https://splunkbase.splunk.com/app/1876
- version: 7.8.0
+ version: 7.9.0
 fields:
 - _time
 - AwsAccountId
diff --git a/data_sources/o365.yml b/data_sources/o365.yml
index 8965438bc8..8102ea7c9f 100644
--- a/data_sources/o365.yml
+++ b/data_sources/o365.yml
@@ -10,4 +10,4 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
diff --git a/data_sources/o365_add_app_role_assignment_grant_to_user_.yml b/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
index c17e7e4bd8..89ececa0d0 100644
--- a/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
+++ b/data_sources/o365_add_app_role_assignment_grant_to_user_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_app_role_assignment_to_service_principal_.yml b/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
index 992993d3ad..365604ba84 100644
--- a/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
+++ b/data_sources/o365_add_app_role_assignment_to_service_principal_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_mailboxpermission.yml b/data_sources/o365_add_mailboxpermission.yml
index 365500a267..c4869abc7a 100644
--- a/data_sources/o365_add_mailboxpermission.yml
+++ b/data_sources/o365_add_mailboxpermission.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AccessRights
diff --git a/data_sources/o365_add_member_to_role_.yml b/data_sources/o365_add_member_to_role_.yml
index 177c1ba5f8..c2403e0b25 100644
--- a/data_sources/o365_add_member_to_role_.yml
+++ b/data_sources/o365_add_member_to_role_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_owner_to_application_.yml b/data_sources/o365_add_owner_to_application_.yml
index 79a4166a10..fdeccc791b 100644
--- a/data_sources/o365_add_owner_to_application_.yml
+++ b/data_sources/o365_add_owner_to_application_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_add_service_principal_.yml b/data_sources/o365_add_service_principal_.yml
index addb76753d..ae338dcc71 100644
--- a/data_sources/o365_add_service_principal_.yml
+++ b/data_sources/o365_add_service_principal_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_change_user_license_.yml b/data_sources/o365_change_user_license_.yml
index 6042232c27..17222c9261 100644
--- a/data_sources/o365_change_user_license_.yml
+++ b/data_sources/o365_change_user_license_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_consent_to_application_.yml b/data_sources/o365_consent_to_application_.yml
index 37a5e65766..4b96c68d96 100644
--- a/data_sources/o365_consent_to_application_.yml
+++ b/data_sources/o365_consent_to_application_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_disable_strong_authentication_.yml b/data_sources/o365_disable_strong_authentication_.yml
index 9c99438447..53f37fa0ab 100644
--- a/data_sources/o365_disable_strong_authentication_.yml
+++ b/data_sources/o365_disable_strong_authentication_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_mailitemsaccessed.yml b/data_sources/o365_mailitemsaccessed.yml
index 80be9cd987..d2bad265dc 100644
--- a/data_sources/o365_mailitemsaccessed.yml
+++ b/data_sources/o365_mailitemsaccessed.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_modifyfolderpermissions.yml b/data_sources/o365_modifyfolderpermissions.yml
index b1621f16e7..bf6d9f1855 100644
--- a/data_sources/o365_modifyfolderpermissions.yml
+++ b/data_sources/o365_modifyfolderpermissions.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_set_company_information_.yml b/data_sources/o365_set_company_information_.yml
index 3b95185816..d40cca2fcb 100644
--- a/data_sources/o365_set_company_information_.yml
+++ b/data_sources/o365_set_company_information_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_set_mailbox.yml b/data_sources/o365_set_mailbox.yml
index 52bc624f6d..30ebad4b33 100644
--- a/data_sources/o365_set_mailbox.yml
+++ b/data_sources/o365_set_mailbox.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - AppId
diff --git a/data_sources/o365_update_application_.yml b/data_sources/o365_update_application_.yml
index 12481c69f8..f78faf1948 100644
--- a/data_sources/o365_update_application_.yml
+++ b/data_sources/o365_update_application_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_update_authorization_policy_.yml b/data_sources/o365_update_authorization_policy_.yml
index 31acfdecd4..b53bce2417 100644
--- a/data_sources/o365_update_authorization_policy_.yml
+++ b/data_sources/o365_update_authorization_policy_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_update_user_.yml b/data_sources/o365_update_user_.yml
index 7af9a34bd2..5497544e68 100644
--- a/data_sources/o365_update_user_.yml
+++ b/data_sources/o365_update_user_.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_userloggedin.yml b/data_sources/o365_userloggedin.yml
index d85cf5ce7d..540450b496 100644
--- a/data_sources/o365_userloggedin.yml
+++ b/data_sources/o365_userloggedin.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
diff --git a/data_sources/o365_userloginfailed.yml b/data_sources/o365_userloginfailed.yml
index 2859aec950..b03d5032ae 100644
--- a/data_sources/o365_userloginfailed.yml
+++ b/data_sources/o365_userloginfailed.yml
@@ -10,7 +10,7 @@ separator: Operation
 supported_TA:
 - name: Splunk Add-on for Microsoft Office 365
 url: https://splunkbase.splunk.com/app/4055
- version: 4.6.0
+ version: 4.7.0
 fields:
 - _time
 - ActorContextId
From 5e58179a000db42e5c26c05427e945df7bd32cc6 Mon Sep 17 00:00:00 2001
From: Bhavin Patel
Date: Wed, 8 Jan 2025 10:09:48 -0800
Subject: [PATCH 2/8] file name update
---
 contentctl.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/contentctl.yml b/contentctl.yml
index 203318285b..1dd1fcbc24 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -139,7 +139,7 @@ apps:
 appid: Splunk_TA_aws
 version: 7.9.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_790.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-(aws)_790.tgz
 - uid: 3088
 title: Splunk Add-on for Google Cloud Platform
 appid: SPLUNK_ADD_ON_FOR_GOOGLE_CLOUD_PLATFORM
From a9129bf5e3890743c3e61fb0e037aa60d9776098 Mon Sep 17 00:00:00 2001
From: ljstella
Date: Wed, 8 Jan 2025 12:40:39 -0600
Subject: [PATCH 3/8] Testing single container
---
 .github/workflows/unit-testing.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/unit-testing.yml b/.github/workflows/unit-testing.yml
index b18c860bae..ad0f80e7d2 100644
--- a/.github/workflows/unit-testing.yml
+++ b/.github/workflows/unit-testing.yml
@@ -39,7 +39,7 @@ jobs: git fetch origin pull/${{ github.event.pull_request.number }}/head:new_branch_for_testing #We must specifically get the PR's target branch from security_content, not the one that resides in the fork PR's forked repo git switch new_branch_for_testing - contentctl test --disable-tqdm --no-enable-integration-testing --container-settings.num-containers 2 --post-test-behavior never_pause mode:changes --mode.target-branch ${{ github.base_ref }} + contentctl test --disable-tqdm --no-enable-integration-testing --container-settings.num-containers 1 --post-test-behavior never_pause mode:changes --mode.target-branch ${{ github.base_ref }} echo "contentctl test - COMPLETED" continue-on-error: true From c591ef5ff74e070450835de8c1da499518546dd2 Mon Sep 17 00:00:00 2001 From: ljstella Date: Wed, 8 Jan 2025 12:45:30 -0600 Subject: [PATCH 4/8] Adding back two containers --- .github/workflows/unit-testing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/unit-testing.yml b/.github/workflows/unit-testing.yml index ad0f80e7d2..b18c860bae 100644 --- a/.github/workflows/unit-testing.yml +++ b/.github/workflows/unit-testing.yml @@ -39,7 +39,7 @@ jobs: git fetch origin pull/${{ github.event.pull_request.number }}/head:new_branch_for_testing #We must specifically get the PR's target branch from security_content, not the one that resides in the fork PR's forked repo git switch new_branch_for_testing - contentctl test --disable-tqdm --no-enable-integration-testing --container-settings.num-containers 1 --post-test-behavior never_pause mode:changes --mode.target-branch ${{ github.base_ref }} + contentctl test --disable-tqdm --no-enable-integration-testing --container-settings.num-containers 2 --post-test-behavior never_pause mode:changes --mode.target-branch ${{ github.base_ref }} echo "contentctl test - COMPLETED" continue-on-error: true From 5b8986469ef26bafae064528782274cd306defe7 Mon Sep 17 00:00:00 2001 
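Review bot: The `contentctl test` line changed in PATCH 3/8 still expands `${{ github.base_ref }}` directly inside the `run:` script, and the `git fetch` line above it does the same with the PR number. Expression values are pasted into the script text before the shell parses it, so binding them under the step's `env:` (`BASE_REF: ${{ github.base_ref }}`) and passing `--mode.target-branch "$BASE_REF"` keeps the ref as data rather than script. The step's `continue-on-error: true` also means a failing test run does not fail this step; presumably a later step inspects the result, but the step begins and the job continues outside the hunk. The same applies to the identical hunk in PATCH 4/8, which only restores the container count to 2.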
From: ljstella
Date: Thu, 9 Jan 2025 10:39:47 -0600
Subject: [PATCH 5/8] Removed parens that was killing app installs
---
 contentctl.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/contentctl.yml b/contentctl.yml
index 1dd1fcbc24..a6d32bfa90 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -32,9 +32,9 @@ apps:
 - uid: 1621
 title: Splunk Common Information Model (CIM)
 appid: Splunk_SA_CIM
- version: 6.0.0
+ version: 6.0.1
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-common-information-model-cim_600.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-common-information-model-cim_601.tgz
 - uid: 6553
 title: Splunk Add-on for Okta Identity Cloud
 appid: Splunk_TA_okta_identity_cloud
@@ -139,7 +139,7 @@ apps:
 appid: Splunk_TA_aws
 version: 7.9.0
 description: description of app
- hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-(aws)_790.tgz
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/splunk-add-on-for-amazon-web-services-aws_790.tgz
 - uid: 3088
 title: Splunk Add-on for Google Cloud Platform
 appid: SPLUNK_ADD_ON_FOR_GOOGLE_CLOUD_PLATFORM
From 02afa4f4cb52dfc33c1590e67721c4aeb559824b Mon Sep 17 00:00:00 2001
From: ljstella
Date: Thu, 9 Jan 2025 11:08:49 -0600
Subject: [PATCH 6/8] Adding PSC
---
 contentctl.yml | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/contentctl.yml b/contentctl.yml
index a6d32bfa90..6b4571a805 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -200,4 +200,10 @@ apps:
 version: 3.2.1
 description: description of app
 hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/crowdstrike-falcon-event-streams-technical-add-on_321.tgz
+- uid: 2882
+ title: Python for Scientific Computing (for Linux 64-bit)
+ appid: Splunk_SA_Scientific_Python_linux_x86_64
+ version: 4.2.2
+ description: PSC for MLTK
+ hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/python-for-scientific-computing-for-linux-64-bit_422.tgz
 githash: d6fac80e6d50ae06b40f91519a98489d4ce3a3fd
From 4b28335f826f1519ba05253b0595596499b19202 Mon Sep 17 00:00:00 2001
From: ljstella
Date: Thu, 9 Jan 2025 11:12:57 -0600
Subject: [PATCH 7/8] retrigger
---
 contentctl.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/contentctl.yml b/contentctl.yml
index 6b4571a805..673412a51b 100644
--- a/contentctl.yml
+++ b/contentctl.yml
@@ -204,6 +204,6 @@ apps:
 title: Python for Scientific Computing (for Linux 64-bit)
 appid: Splunk_SA_Scientific_Python_linux_x86_64
 version: 4.2.2
- description: PSC for MLTK
+ description: description of app
 hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/python-for-scientific-computing-for-linux-64-bit_422.tgz
 githash: d6fac80e6d50ae06b40f91519a98489d4ce3a3fd
From 1ce4f77a4c605252716e50b7013c8611ee524050 Mon Sep 17 00:00:00 2001
From: ljstella
Date: Thu, 9 Jan 2025 12:02:56 -0600
Subject: [PATCH 8/8] update description
---
 contentctl.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/contentctl.yml b/contentctl.yml
index 673412a51b..6b4571a805 100644
--- a/contentctl.yml
+++ b/contentctl.yml
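Review bot: The `uid: 2882` entry added in PATCH 6/8 gives `hardcoded_path` an archive URL and nothing to check the downloaded `.tgz` against, so the test containers install whatever object currently sits at that key. If the app schema that contentctl reads accepts a digest, pin it beside the path; if it does not, a comment such as `# sha256: <EXPECTED_SHA256_OF_TGZ>` (placeholder) on the entry at least records which artifact was reviewed. The entries visible as context have the same shape, so this may be a gap in the schema rather than an omission in this one entry, and I cannot tell from the hunk whether the archive is verified elsewhere.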
@@ -204,6 +204,6 @@ apps:
 title: Python for Scientific Computing (for Linux 64-bit)
 appid: Splunk_SA_Scientific_Python_linux_x86_64
 version: 4.2.2
- description: description of app
+ description: PSC for MLTK
 hardcoded_path: https://attack-range-appbinaries.s3.us-west-2.amazonaws.com/python-for-scientific-computing-for-linux-64-bit_422.tgz
 githash: d6fac80e6d50ae06b40f91519a98489d4ce3a3fd