c0af222e7e
* WIP: Convert Rule to a dataclass * Fix make release * Lint fixes * Remove dead code * Fix lint and tests * Use Python 3.8 in GitHub actions * Update README to 3.8+ * Add Python 3.8 assertion * Fix is_dirty property * Remove incorrect pop from contents * Add mixin with from_dict() and to_dict() methods * Bypass validation for deprecated rules * Fix rule_prompt * Fix dict_hash usage * Fix rule_event_search * Switch to definitions.Date * Fix toml-lint command, ignoring 'unneeded defaults' * Moved severity Literal to definitions.Severity * Remove BaseMarshmallowDataclass * Fix lint and tests * Add maturity to metadata for rule prompt loop * Fix typo in devtools * Use rule loader to load single rule in toml-lint * Add Schema hint to __schema method * Add MITREAttackURL definition * Fix is_dirty to compare sha<-->sha * Normalize the autoformatted rule output for API and toml-lint * Make the package hash match * Make the rule object mutable but not rule contents * Restore the rules
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License
# 2.0; you may not use this file except in compliance with the Elastic License
# 2.0.
# coding=utf-8
"""Shell for detection-rules."""
import os
import sys
import click
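# Enforce the supported interpreter range with an explicit check instead of a
# bare ``assert``: assert statements are compiled out under ``python -O`` /
# PYTHONOPTIMIZE, which would silently disable this guard. The exception type
# and message are kept so a failure looks the same as it did before.
if not ((3, 8) <= sys.version_info < (4, 0)):
    raise AssertionError("Only Python 3.8+ supported")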
from .main import root # noqa: E402
# Directory layout, resolved from this file's absolute location: CURR_DIR is
# the directory containing this module, CLI_DIR is its parent, and ROOT_DIR is
# the parent of CLI_DIR.
_MODULE_PATH = os.path.abspath(__file__)
CURR_DIR = os.path.dirname(_MODULE_PATH)
CLI_DIR = os.path.dirname(CURR_DIR)
ROOT_DIR = os.path.dirname(CLI_DIR)

# ASCII-art banner echoed by main() before the CLI starts. It is a raw string,
# so nothing inside it is interpreted as an escape sequence.
BANNER = r"""
█▀▀▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄▄▄ ▄ ▄ █▀▀▄ ▄ ▄ ▄ ▄▄▄ ▄▄▄
█ █ █▄▄ █ █▄▄ █ █ █ █ █ █▀▄ █ █▄▄▀ █ █ █ █▄▄ █▄▄
█▄▄▀ █▄▄ █ █▄▄ █▄▄ █ ▄█▄ █▄█ █ ▀▄█ █ ▀▄ █▄▄█ █▄▄ █▄▄ ▄▄█
"""
def main():
    """Print the banner, then hand control to the ``root`` command.

    ``root`` is imported from ``.main`` (presumably the top-level click
    command group; confirm there). ``prog_name`` is passed explicitly so the
    program name shown to the user does not depend on how the module was
    launched.
    """
    program_name = "detection_rules"
    click.echo(BANNER)
    root(prog_name=program_name)
# Runs whenever this module is executed or imported: there is no
# ``if __name__ == "__main__"`` guard, so a plain import also starts the CLI.
# NOTE(review): harmless if this file is only ever run as the package entry
# point (the file name is not visible here); confirm nothing imports it just
# for CURR_DIR / CLI_DIR / ROOT_DIR.
main()