[Bug] Adjust Kibana Path for File System Rules #2397
LGTM
LGTM.
Notes/Tests
Unit tests pass. Only other note is that black still returns formatting issues with some of the files. However, that should not be fixed here as this is a bug.
Unit test output:
detection-rules on bug-kibana-rules-path-reference is v0.1.0 via v3.8.10 (detection-rules-build) on eric.forte
❯ make test
./env/detection-rules-build/bin/python -m pip install .[dev]
LINTING
./env/detection-rules-build/bin/python -m flake8 tests detection_rules --ignore D203 --max-line-length 120
./env/detection-rules-build/bin/python -m detection_rules test
█▀▀▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄ ▄ █▀▀▄ ▄ ▄ ▄ ▄▄▄ ▄▄▄
█ █ █▄▄ █ █▄▄ █ █ █ █ █ █▀▄ █ █▄▄▀ █ █ █ █▄▄ █▄▄
█▄▄▀ █▄▄ █ █▄▄ █▄▄ █ ▄█▄ █▄█ █ ▀▄█ █ ▀▄ █▄▄█ █▄▄ █▄▄ ▄▄█
=================================================================================== test session starts ====================================================================================
platform linux -- Python 3.8.10, pytest-7.2.0, pluggy-1.0.0 -- /tmp/detection-rules/env/detection-rules-build/bin/python
cachedir: .pytest_cache
rootdir: /tmp/detection-rules
plugins: typeguard-2.13.3
collected 117 items
tests/test_all_rules.py::TestValidRules::test_all_rule_queries_optimized PASSED [ 0%]
tests/test_all_rules.py::TestValidRules::test_duplicate_file_names PASSED [ 1%]
tests/test_all_rules.py::TestValidRules::test_file_names PASSED [ 2%]
tests/test_all_rules.py::TestValidRules::test_production_rules_have_rta PASSED [ 3%]
tests/test_all_rules.py::TestValidRules::test_rule_type_changes PASSED [ 4%]
tests/test_all_rules.py::TestValidRules::test_schema_and_dupes PASSED [ 5%]
tests/test_all_rules.py::TestThreatMappings::test_duplicated_tactics PASSED [ 5%]
tests/test_all_rules.py::TestThreatMappings::test_tactic_to_technique_correlations PASSED [ 6%]
tests/test_all_rules.py::TestThreatMappings::test_technique_deprecations PASSED [ 7%]
tests/test_all_rules.py::TestRuleTags::test_casing_and_spacing PASSED [ 8%]
tests/test_all_rules.py::TestRuleTags::test_primary_tactic_as_tag PASSED [ 9%]
tests/test_all_rules.py::TestRuleTags::test_required_tags PASSED [ 10%]
tests/test_all_rules.py::TestRuleTimelines::test_timeline_has_title PASSED [ 11%]
tests/test_all_rules.py::TestRuleFiles::test_rule_file_name_tactic PASSED [ 11%]
tests/test_all_rules.py::TestRuleMetadata::test_all_min_stack_rules_have_comment PASSED [ 12%]
tests/test_all_rules.py::TestRuleMetadata::test_deprecated_rules PASSED [ 13%]
tests/test_all_rules.py::TestRuleMetadata::test_integration PASSED [ 14%]
tests/test_all_rules.py::TestRuleMetadata::test_rule_demotions PASSED [ 15%]
tests/test_all_rules.py::TestRuleMetadata::test_updated_date_newer_than_creation PASSED [ 16%]
tests/test_all_rules.py::TestRuleTiming::test_eql_interval_to_maxspan PASSED [ 17%]
tests/test_all_rules.py::TestRuleTiming::test_eql_lookback PASSED [ 17%]
tests/test_all_rules.py::TestRuleTiming::test_event_override PASSED [ 18%]
tests/test_all_rules.py::TestRuleTiming::test_required_lookback PASSED [ 19%]
tests/test_all_rules.py::TestLicense::test_elastic_license_only_v2 PASSED [ 20%]
tests/test_all_rules.py::TestIntegrationRules::test_integration_guide PASSED [ 21%]
tests/test_all_rules.py::TestIncompatibleFields::test_rule_backports_for_restricted_fields PASSED [ 22%]
tests/test_all_rules.py::TestBuildTimeFields::test_build_fields_min_stack PASSED [ 23%]
tests/test_all_rules.py::TestRiskScoreMismatch::test_rule_risk_score_severity_mismatch PASSED [ 23%]
tests/test_all_rules.py::TestOsqueryPluginNote::test_note_guide PASSED [ 24%]
tests/test_gh_workflows.py::TestWorkflows::test_matrix_to_lock_version_defaults PASSED [ 25%]
tests/test_mappings.py::TestMappings::test_false_positives PASSED [ 26%]
tests/test_mappings.py::TestMappings::test_true_positives PASSED [ 27%]
tests/test_mappings.py::TestRTAs::test_rtas_with_triggered_rules_have_uuid PASSED [ 28%]
tests/test_packages.py::TestPackages::test_package_loader_default_configs PASSED [ 29%]
tests/test_packages.py::TestPackages::test_package_loader_production_config PASSED [ 29%]
tests/test_packages.py::TestPackages::test_package_summary PASSED [ 30%]
tests/test_packages.py::TestPackages::test_rule_versioning PASSED [ 31%]
tests/test_packages.py::TestRegistryPackage::test_registry_package_config PASSED [ 32%]
tests/test_schemas.py::TestSchemas::test_eql_validation PASSED [ 33%]
tests/test_schemas.py::TestSchemas::test_query_downgrade_7_x PASSED [ 34%]
tests/test_schemas.py::TestSchemas::test_query_downgrade_8_x PASSED [ 35%]
tests/test_schemas.py::TestSchemas::test_threshold_downgrade_7_x PASSED [ 35%]
tests/test_schemas.py::TestSchemas::test_threshold_downgrade_8_x PASSED [ 36%]
tests/test_schemas.py::TestSchemas::test_versioned_downgrade_7_x PASSED [ 37%]
tests/test_schemas.py::TestSchemas::test_versioned_downgrade_8_x PASSED [ 38%]
tests/test_schemas.py::TestVersionLockSchema::test_version_lock_has_nested_previous PASSED [ 39%]
tests/test_schemas.py::TestVersionLockSchema::test_version_lock_no_previous PASSED [ 40%]
tests/test_schemas.py::TestVersions::test_stack_schema_map PASSED [ 41%]
tests/test_toml_formatter.py::TestRuleTomlFormatter::test_formatter_deep PASSED [ 41%]
tests/test_toml_formatter.py::TestRuleTomlFormatter::test_formatter_rule PASSED [ 42%]
tests/test_toml_formatter.py::TestRuleTomlFormatter::test_normalization PASSED [ 43%]
tests/test_utils.py::TestTimeUtils::test_caching PASSED [ 44%]
tests/test_utils.py::TestTimeUtils::test_event_class_normalization PASSED [ 45%]
tests/test_utils.py::TestTimeUtils::test_schema_multifields PASSED [ 46%]
tests/test_utils.py::TestTimeUtils::test_time_normalize PASSED [ 47%]
tests/test_version_locking.py::TestVersionLock::test_previous_entries_gte_current_min_stack PASSED [ 47%]
tests/kuery/test_dsl.py::TestKQLtoDSL::test_and_query PASSED [ 48%]
tests/kuery/test_dsl.py::TestKQLtoDSL::test_field_exists PASSED [ 49%]
tests/kuery/test_dsl.py::TestKQLtoDSL::test_field_inequality PASSED [ 50%]
tests/kuery/test_dsl.py::TestKQLtoDSL::test_field_match PASSED [ 51%]
tests/kuery/test_dsl.py::TestKQLtoDSL::test_not_query PASSED [ 52%]
tests/kuery/test_dsl.py::TestKQLtoDSL::test_optimizations PASSED [ 52%]
tests/kuery/test_dsl.py::TestKQLtoDSL::test_or_query PASSED [ 53%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_and_query PASSED [ 54%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_boolean_precedence PASSED [ 55%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_field_equals PASSED [ 56%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_field_inequality PASSED [ 57%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_ip_checks PASSED [ 58%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_list_of_values PASSED [ 58%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_not_query PASSED [ 59%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_or_query PASSED [ 60%]
tests/kuery/test_eql2kql.py::TestEql2Kql::test_wildcard_field PASSED [ 61%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_and_expr PASSED [ 62%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_and_values PASSED [ 63%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_cidr_match PASSED [ 64%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_field_exists PASSED [ 64%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_flattening PASSED [ 65%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_list_value PASSED [ 66%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_not_value PASSED [ 67%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_or_expr PASSED [ 68%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_or_values PASSED [ 69%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_quoted_wildcard PASSED [ 70%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_range PASSED [ 70%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_single_value PASSED [ 71%]
tests/kuery/test_evaluator.py::EvaluatorTests::test_wildcard PASSED [ 72%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_and_query PASSED [ 73%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_boolean_precedence PASSED [ 74%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_field_equals PASSED [ 75%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_field_inequality PASSED [ 76%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_list_of_values PASSED [ 76%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_lone_value PASSED [ 77%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_nested_query PASSED [ 78%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_not_query PASSED [ 79%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_or_query PASSED [ 80%]
tests/kuery/test_kql2eql.py::TestKql2Eql::test_schema PASSED [ 81%]
tests/kuery/test_lint.py::LintTests::test_and_not PASSED [ 82%]
tests/kuery/test_lint.py::LintTests::test_compound PASSED [ 82%]
tests/kuery/test_lint.py::LintTests::test_double_negate PASSED [ 83%]
tests/kuery/test_lint.py::LintTests::test_extract_not PASSED [ 84%]
tests/kuery/test_lint.py::LintTests::test_ip PASSED [ 85%]
tests/kuery/test_lint.py::LintTests::test_lint_field PASSED [ 86%]
tests/kuery/test_lint.py::LintTests::test_lint_precedence PASSED [ 87%]
tests/kuery/test_lint.py::LintTests::test_merge_fields PASSED [ 88%]
tests/kuery/test_lint.py::LintTests::test_mixed_demorgans PASSED [ 88%]
tests/kuery/test_lint.py::LintTests::test_not_demorgans PASSED [ 89%]
tests/kuery/test_lint.py::LintTests::test_not_or PASSED [ 90%]
tests/kuery/test_lint.py::LintTests::test_upper_tokens PASSED [ 91%]
tests/kuery/test_parser.py::ParserTests::test_conversion PASSED [ 92%]
tests/kuery/test_parser.py::ParserTests::test_date PASSED [ 93%]
tests/kuery/test_parser.py::ParserTests::test_keyword PASSED [ 94%]
tests/kuery/test_parser.py::ParserTests::test_list_equals PASSED [ 94%]
tests/kuery/test_parser.py::ParserTests::test_multiple_types_fail PASSED [ 95%]
tests/kuery/test_parser.py::ParserTests::test_multiple_types_success PASSED [ 96%]
tests/kuery/test_parser.py::ParserTests::test_number_exists PASSED [ 97%]
tests/kuery/test_parser.py::ParserTests::test_number_wildcard_fail PASSED [ 98%]
tests/kuery/test_parser.py::ParserTests::test_type_family_fail PASSED [ 99%]
tests/kuery/test_parser.py::ParserTests::test_type_family_success PASSED [100%]
===================================================================================== warnings summary =====================================================================================
env/detection-rules-build/lib/python3.8/site-packages/_pytest/config/__init__.py:1171
/tmp/detection-rules/env/detection-rules-build/lib/python3.8/site-packages/_pytest/config/__init__.py:1171: PytestAssertRewriteWarning: Module already imported so cannot be rewritten: typeguard
self._mark_plugins_for_rewrite(hook)
tests/test_all_rules.py: 199 warnings
/tmp/detection-rules/tests/test_all_rules.py:689: DeprecationWarning: Please use assertTrue instead.
self.assert_(rule.contents.data.note, f'{self.rule_str(rule)} note required for config information')
-- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html
============================================================================ 117 passed, 200 warnings in 15.15s ============================================================================
* adjusted kibana rules path
* addressed flake errors for long string
* added missing / to directory path

(cherry picked from commit 953e8d9)
Related PRs
Summary
The add_git_args decorator in devtools.py needs to be adjusted where the default value of --kibana-directory changes to x-pack/plugins/security_solution/server/lib/detection_engine/prebuilt_rules/content/prepackaged_rules. This is to reflect changes to the folder path in Kibana from the referenced PR above. The function name has also been adjusted and has kibana in it for better clarity.
Error
Solution
After adjusting the default path, the following PR was successfully created as expected.