Merge pull request #32 from mcm/master

Update SimpleXML version for recent cloud compatibility
hire-vladimir · Jan 19, 2023 · a8e9797 · a8e9797
2 parents e311023 + e41b281
commit a8e9797
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/default/app.conf b/default/app.conf
@@ -1,6 +1,6 @@
 [install]
 is_configured = 1
-build = 1.8.0
+build = 1.8.1
 
 [ui]
 is_visible = 1
@@ -9,7 +9,7 @@ label = SA-cim_vladiator
 [launcher]
 author = [email protected]
 description = https://github.com/hire-vladimir/SA-cim_vladiator
-version = 1.8.0
+version = 1.8.1
 
 [package]
 id = SA-cim_vladiator

diff --git a/default/data/ui/views/cim_dictionary.xml b/default/data/ui/views/cim_dictionary.xml
@@ -1,4 +1,4 @@
-<form>
+<form version="1.1">
   <label>CIM Dictionary</label>
   <fieldset submitButton="true" autoRun="true">
     <input type="text" token="field">

diff --git a/default/data/ui/views/cim_validator.xml b/default/data/ui/views/cim_validator.xml
@@ -1,4 +1,4 @@
-<form script="table_icons_rangemap_now_with_mv.js" stylesheet="table_decorations.css, resize_inputs.css">
+<form script="table_icons_rangemap_now_with_mv.js" stylesheet="table_decorations.css, resize_inputs.css" version="1.1">
   <label>CIM Validator</label>
   <search id="cim_base">
     <query>| datamodel $dm$ | rex max_match=999 "fieldName\":\"(?&lt;field&gt;[^\"]+)" | stats values(field) as field | mvexpand field  | where NOT match(field, "_time|host|sourcetype|source|[A-Z]+|_bunit|_category|_priority|_requires_av|_should_update") OR match(field, "object_category")   | join type=outer field [$search_type$ $cim_search$ | head $event_limit$ | fieldsummary maxvals=15 | eventstats max(count) AS total | eval percent_coverage=round(count/total*100, 2) | table field, percent_coverage, distinct_count, total, values]  | spath input=values | rename {}.value AS sample_values {}.count AS sample_count distinct_count AS distinct_value_count total AS total_events  | fillnull value=0 percent_coverage, distinct_value_count, total_events   | mvmath field=sample_count field2=total_events | eval field_values=mvzip(mvmath_result, sample_values, " ")  | lookup cim_validation_regex field | mvrex showcount=t showunmatched=t field=sample_values validation_regex  | eval is_cim_valid=case(total_events==0, "severe!!!no extracted values found", percent_coverage &lt; 90, "elevated!!!event coverage less than 90%", mvrex_unmatched_count &gt; 0, "elevated!!!found ".mvrex_unmatched_count." unexpected values (".mvjoin(mvrex_unmatched, ", ").")", isnull(validation_regex) OR validation_regex=="", "check!!!no validation regex was found to evaluate", 1==1, "low!!!looking good!")  | lookup cim_validator_recommended_fields field OUTPUT is_recommended | eval ir=if(is_recommended=="true", "star", null()) | table ir, field, total_events, distinct_value_count, percent_coverage, field_values, is_cim_valid</query>