50e23ba242
* updating python code for hunting library * fixed okta queries; added MITRE search capability * fixed hunting unit test imports * fixed duplicate UUID; fixed duplicate index entry bug * fixed technique finding sub-technique in search * added more unit tests * linted * flake errors addressed; fixed unit test import; fixed markdown generate bug * added description for generate-markdown command * updated README * adjusted YAML index, adjusted code for index changes * adjusted relative imports; updated CODEOWNERS * adding updates; moving to different branch for main dependencies * finished run-query command; made some code adjustments * removed some comments * revised makefile; fixed unit tests; adjusted detection rules pyproject * updated README * updated README * adjusted unit tests; adjusted hunt guidelines; updated makefile; adjusted several commands * adjusted package to be more object-oriented * removed unused variable * Add simple breakdown stats * addressed feedback; added keyword option for search * Update hunting/README.md Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com> * Update detection_rules/etc/test_hunting_cli.bash Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com> * addressing feedback * addressed feedback * added message for unknown index; fixed function call * fixed search command * fixed flake error --------- Co-authored-by: Mika Ayenson <Mika.ayenson@elastic.co> Co-authored-by: Mika Ayenson <Mikaayenson@users.noreply.github.com> Co-authored-by: Eric Forte <119343520+eric-forte-elastic@users.noreply.github.com>
Makefile
#################
### detection-rules
#################
# Location of the build virtualenv and of the tools inside it. Recipes that
# reference $(PYTHON) or $(PIP) run the project-local interpreter and pip
# rather than whatever is first on PATH.
VENV     := ./env/detection-rules-build
VENV_BIN := ${VENV}/bin
PYTHON   := ${VENV_BIN}/python
PIP      := ${VENV_BIN}/pip
# Default goal: `all` is the first ordinary target in the file, so a bare
# `make` builds the release package.
.PHONY: all
all: release
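# Create the build virtualenv, then upgrade pip and setuptools inside it.
# The upgrade previously ran against the system python3.12 before the venv
# existed: that changes packages outside the project and leaves the venv with
# whatever pip `venv` bundles. If the upgrade fails the directory is removed,
# so a half-prepared environment is not mistaken for a finished target.
$(VENV):
	python3.12 -m venv "$@"
	"$(PYTHON)" -m pip install --upgrade pip setuptools || { rm -rf "$@"; exit 1; }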
# Remove the virtualenv together with packaging, coverage and cache outputs.
# The glob patterns are left unquoted so the shell expands them.
.PHONY: clean
clean:
	rm -rf $(VENV) \
		*.egg-info .eggs .egg htmlcov build dist packages \
		.build .tmp .tox __pycache__ \
		lib/kql/build lib/kibana/build \
		lib/kql/*.egg-info lib/kibana/*.egg-info
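# Install the project with its dev extras, then the two in-repo libraries,
# into the build virtualenv.
# The extras spec is quoted because the shell reads an unquoted `.[dev]` as a
# glob pattern; a file named .d, .e or .v in the working directory would be
# substituted for it.
# NOTE(review): no constraints file or hash checking appears on these command
# lines, so versions are whatever the index resolves at install time; confirm
# that pinning is handled in the project metadata.
.PHONY: deps
deps: $(VENV)
	@echo "Installing all dependencies..."
	$(PIP) install '.[dev]'
	$(PIP) install lib/kibana
	$(PIP) install lib/kql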
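# Install the project with its hunting extras into the build virtualenv.
# The rule is named hunting-deps to match its .PHONY line. Written as a second
# `deps:` rule, its recipe replaced the one that installs the dev extras and
# the in-repo libraries, so `make deps` installed only the hunting extras.
# The extras spec is quoted so the shell does not treat `.[hunting]` as a glob.
.PHONY: hunting-deps
hunting-deps: $(VENV)
	@echo "Installing all dependencies..."
	$(PIP) install '.[hunting]'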
# Run the project's `test` command with the virtualenv interpreter once the
# dependencies are installed.
.PHONY: pytest
pytest: $(VENV) deps
	${PYTHON} -m detection_rules test
# Run the project's `dev license-check` command with the virtualenv
# interpreter once the dependencies are installed.
.PHONY: license-check
license-check: $(VENV) deps
	@echo "LICENSE CHECK"
	${PYTHON} -m detection_rules dev license-check
# Run flake8 over the tests and detection_rules trees with a 120-column limit,
# ignoring codes D203 and N815.
.PHONY: lint
lint: $(VENV) deps
	@echo "LINTING"
	${PYTHON} -m flake8 tests detection_rules \
		--ignore D203,N815 \
		--max-line-length 120
# Aggregate target with no recipe of its own: it pulls in the lint and pytest
# targets.
.PHONY: test
test: $(VENV) lint pytest
# Run the test_cli.bash script once the dependencies are installed.
# The script is executed directly, so it needs its executable bit, and its
# path is resolved relative to the directory make runs in.
.PHONY: test-cli
test-cli: $(VENV) deps
	@echo "Executing test_cli script..."
	@./detection_rules/etc/test_cli.bash
# Run the test_remote_cli.bash script once the dependencies are installed.
# The script is executed directly, so it needs its executable bit, and its
# path is resolved relative to the directory make runs in.
# NOTE(review): presumably the script talks to a remote stack and needs
# credentials in the environment; confirm before wiring this into CI.
.PHONY: test-remote-cli
test-remote-cli: $(VENV) deps
	@echo "Executing test_remote_cli script..."
	@./detection_rules/etc/test_remote_cli.bash
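# Run the test_hunting_cli.bash script after the hunting-deps target.
# The rule is named test-hunting-cli to match its .PHONY line. Written as a
# second `test-remote-cli:` rule, its recipe replaced the remote CLI one, so
# `make test-remote-cli` ran the hunting script instead.
# The script is executed directly, so it needs its executable bit, and its
# path is resolved relative to the directory make runs in.
.PHONY: test-hunting-cli
test-hunting-cli: $(VENV) hunting-deps
	@echo "Executing test_hunting_cli script..."
	@./detection_rules/etc/test_hunting_cli.bash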
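# Build the release package and stage its zip archives in a fresh dist/.
# app_name is not assigned anywhere else in this file, so the banner printed
# an empty name. The default below is taken from the file's header comment and
# yields to a value given on the command line or in the environment.
# NOTE(review): the copy takes every zip under releases/*/, so archives left
# behind by earlier builds are staged as well; confirm that is intended before
# publishing the contents of dist/.
app_name ?= detection-rules
.PHONY: release
release: deps
	@echo "RELEASE: $(app_name)"
	$(PYTHON) -m detection_rules dev build-release --generate-navigator
	rm -rf dist
	mkdir dist
	cp -r releases/*/*.zip dist/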