Merge pull request #523 from refractionPOINT/lc-added-mtd

LC added FP metadata
2019-12-13 21:50:52 +01:00
parent 1369b3a2dc 61bcc46394
commit a25b2ec361
1 changed files with 4 additions and 1 deletions
@@ -291,11 +291,14 @@ class LimaCharlieBackend(BaseBackend):
        if ruleConfig.get("author", None) is not None:
            respondComponents[0].setdefault("metadata", {})["author"] = ruleConfig["author"]

+        if ruleConfig.get("falsepositives", None) is not None:
+            respondComponents[0].setdefault("metadata", {})["falsepositives"] = ruleConfig["falsepositives"]
+
        # Assemble it all as a single, complete D&R rule.
        return yaml.safe_dump({
            "detect": detectComponent,
            "respond": respondComponents,
-        })
+        }, default_flow_style = False)

    def generateQuery(self, parsed):
        # We override the generateQuery function because