c0af222e7e
* WIP: Convert Rule to a dataclass
* Fix make release
* Lint fixes
* Remove dead code
* Fix lint and tests
* Use Python 3.8 in GitHub actions
* Update README to 3.8+
* Add Python 3.8 assertion
* Fix is_dirty property
* Remove incorrect pop from contents
* Add mixin with from_dict() and to_dict() methods
* Bypass validation for deprecated rules
* Fix rule_prompt
* Fix dict_hash usage
* Fix rule_event_search
* Switch to definitions.Date
* Fix toml-lint command, ignoring 'unneeded defaults'
* Moved severity Literal to definitions.Severity
* Remove BaseMarshmallowDataclass
* Fix lint and tests
* Add maturity to metadata for rule prompt loop
* Fix typo in devtools
* Use rule loader to load single rule in toml-lint
* Add Schema hint to __schema method
* Add MITREAttackURL definition
* Fix is_dirty to compare sha<-->sha
* Normalize the autoformatted rule output for API and toml-lint
* Make the package hash match
* Make the rule object mutable but not rule contents
* Restore the rules
38 lines
706 B
Python
```python
# Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one
# or more contributor license agreements. Licensed under the Elastic License
# 2.0; you may not use this file except in compliance with the Elastic License
# 2.0.

"""Detection rules."""
import sys

# Fail at import time on unsupported interpreters. Note that assert statements
# are skipped when Python runs with -O, so this check is not enforced there.
assert (3, 8) <= sys.version_info < (4, 0), "Only Python 3.8+ supported"

# Submodules are imported after the version check, hence the E402 suppression.
from . import (  # noqa: E402
    devtools,
    docs,
    eswrap,
    kbwrap,
    main,
    mappings,
    misc,
    rule_formatter,
    rule_loader,
    schemas,
    utils
)

# Public submodules exported by the package.
__all__ = (
    'devtools',
    'docs',
    'eswrap',
    'kbwrap',
    'mappings',
    "main",
    'misc',
    'rule_formatter',
    'rule_loader',
    'schemas',
    'utils',
)
```