[FR] Added asset tag to expected tags (#3115)
* Added asset tag to expected tags
* removed *
* Add regex wildcard tag support
* Updated tag format test location
* Updated to use env variable
* fixed typo
(cherry picked from commit 4828ae07df)
This commit is contained in:
eric-forte-elastic
committed by
github-actions[bot]
github-actions[bot]
parent
fadd7fe320
commit
89a8bdfd0c
@@ -39,6 +39,7 @@ Using the environment variable `DR_BYPASS_NOTE_VALIDATION_AND_PARSE` will bypass
|
||||
Using the environment variable `DR_BYPASS_BBR_LOOKBACK_VALIDATION` will bypass the Detection Rules lookback and interval validation
|
||||
on the building block rules.
|
||||
|
||||
Using the environment variable `DR_BYPASS_TAGS_VALIDATION` will bypass the Detection Rules Unit Tests on the `tags` field in toml files.
|
||||
|
||||
## Importing rules into the repo
|
||||
|
||||
|
||||
@@ -240,6 +240,7 @@ class TestThreatMappings(BaseRuleTest):
|
||||
f'Flatten to a single entry per tactic')
|
||||
|
||||
|
||||
@unittest.skipIf(os.environ.get('DR_BYPASS_TAGS_VALIDATION') is not None, "Skipping tag validation")
|
||||
class TestRuleTags(BaseRuleTest):
|
||||
"""Test tags data for rules."""
|
||||
|
||||
@@ -313,6 +314,7 @@ class TestRuleTags(BaseRuleTest):
|
||||
self.fail(error_msg)
|
||||
|
||||
def test_primary_tactic_as_tag(self):
|
||||
"""Test that the primary tactic is present as a tag."""
|
||||
from detection_rules.attack import tactics
|
||||
|
||||
invalid = []
|
||||
|
||||
Reference in New Issue
Block a user