Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Better data source tagging #3049

Merged
merged 25 commits into from
Jul 25, 2024
Merged

Better data source tagging #3049

merged 25 commits into from
Jul 25, 2024

Conversation

P4T12ICK
Copy link
Collaborator

Improved the data source handling:

  • new simple data source schema (event source doesn't exist anymore)
  • tagged a lot of detections which supported data sources
  • data_source.csv and data source lookup
  • data source field is part of annotations

pyth0n1c added 5 commits July 24, 2024 15:14
… the newly introduced osquery data_source. Additionally, fixed a serious error in mapNamesToSecurityContentObjects wherein a Security Content Object of the wrong type could be returned.
@github-actions github-actions bot added Macros and removed Lookups labels Jul 25, 2024
@patel-bhavin
Copy link
Contributor

patel-bhavin commented Jul 25, 2024

skipping results of unit-testing as no searches were changed. I will run a complete integration test on all these changes!

@patel-bhavin patel-bhavin merged commit 7ed251e into develop Jul 25, 2024
6 of 7 checks passed
@patel-bhavin patel-bhavin deleted the better_data_source_tagging branch July 25, 2024 22:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants