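#!/bin/bash
#
# Remote CLI tests for detection-rules: runs the Kibana-backed CLI commands and
# the remote rule tests in sequence from the project's build virtualenv.
# As the message printed below says, a .detection-rules-cfg.json credentials
# file must be set up before running.
#
# Every step is attempted even when an earlier one fails. Failures are counted
# and the script exits non-zero if any step failed, so a CI job cannot report
# success while the rule tooling or the remote rule tests are broken.

# Path to the virtual environment
VENV_PATH="./env/detection-rules-build"

# Number of steps that returned a non-zero status.
failures=0

# Runs one step ("$@") and records a failure without aborting later steps.
run_step() {
  "$@" || failures=$((failures + 1))
}

# Activate the virtual environment. Abort if that fails: continuing would run
# every command below with whatever `python` happens to be first on PATH.
# shellcheck disable=SC1091
source "$VENV_PATH/bin/activate" || {
  echo "Failed to activate virtual environment at $VENV_PATH" >&2
  exit 1
}

echo "Running detection-rules remote CLI tests..."

echo "Performing a quick rule alerts search..."
echo "Requires .detection-rules-cfg.json credentials file set."
run_step python -m detection_rules kibana search-alerts

echo "Setting Up Custom Directory..."
# -p tolerates a directory left over from an earlier run but still reports
# real errors (permissions, read-only filesystem) instead of hiding them.
run_step mkdir -p tmp-custom
run_step python -m detection_rules custom-rules setup-config tmp-custom
export CUSTOM_RULES_DIR=./tmp-custom/

echo "Performing a rule conversion from ndjson to toml files..."
run_step python -m detection_rules import-rules-to-repo detection_rules/etc/custom-consolidated-rules.ndjson -ac -e -s "$CUSTOM_RULES_DIR/rules" --required-only

echo "Performing a rule import to kibana..."
# NOTE(review): this step writes rules into the Kibana instance named in the
# credentials file; -o/-e/-ac look like overwrite switches (confirm with
# --help), so the config should point at a test space, not production.
run_step python -m detection_rules kibana import-rules -o -e -ac

echo "Performing a rule export..."
run_step python -m detection_rules kibana export-rules -d "$CUSTOM_RULES_DIR" -ac -e -sv --custom-rules-only

echo "Testing ESQL Rules..."
run_step python -m pytest tests/test_rules_remote.py::TestRemoteRules

echo "Removing generated files..."
# Quoted, with `--` and `:?`, so an empty or odd value can never widen the
# recursive delete beyond the generated directory.
rm -rf -- "${CUSTOM_RULES_DIR:?}"
# `unset`, not `set -e NAME`: in bash the latter turns on errexit and
# overwrites $1 instead of removing the variable.
unset CUSTOM_RULES_DIR

echo "Detection-rules Remote CLI tests completed!"

if [ "$failures" -gt 0 ]; then
  echo "$failures remote CLI test step(s) failed." >&2
  exit 1
fi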