-
Notifications
You must be signed in to change notification settings - Fork 76
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Add an "exists" check for "not" condition in sigma rules (#852)
* test design Signed-off-by: Joanne Wang <[email protected]> * working version Signed-off-by: Joanne Wang <[email protected]> * cleaning up Signed-off-by: Joanne Wang <[email protected]> * testing Signed-off-by: Joanne Wang <[email protected]> * working version Signed-off-by: Joanne Wang <[email protected]> * working version Signed-off-by: Joanne Wang <[email protected]> * refactored querybackend Signed-off-by: Joanne Wang <[email protected]> * working on tests Signed-off-by: Joanne Wang <[email protected]> * fixed alerting and finding tests Signed-off-by: Joanne Wang <[email protected]> * fix correlation tests Signed-off-by: Joanne Wang <[email protected]> * working all tests Signed-off-by: Joanne Wang <[email protected]> * moved test and changed alias for adldap Signed-off-by: Joanne Wang <[email protected]> * added more tests Signed-off-by: Joanne Wang <[email protected]> * cleanup code Signed-off-by: Joanne Wang <[email protected]> * remove exists flag Signed-off-by: Joanne Wang <[email protected]> --------- Signed-off-by: Joanne Wang <[email protected]>
- Loading branch information
1 parent
689760e
commit 656a5fe
Showing
7 changed files
with
779 additions
and
89 deletions.
There are no files selected for viewing
142 changes: 105 additions & 37 deletions
142
src/main/java/org/opensearch/securityanalytics/rules/backend/OSQueryBackend.java
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.