Garrett Spong c28795c25e [New Rule] Elastic Endpoint and External Alerts (#42) ...

* Adds the Elastic Endpoint and External Alerts rules and required schema updates
* Optimizing queries to fix tests
* Apply PEP257 changes
* Apply suggestions from code review
* Update rules/cross-platform/external_alerts.toml
* Last fixes from review
* Fixing test for unrequired default
* Adding increased default max_signals to not interfere with testing
* Make promotions folder
* Refining Elastic Endpoint rule index

Co-authored-by: Ross Wolf <31489089+rw-access@users.noreply.github.com>
Co-authored-by: Justin Ibarra <brokensound77@users.noreply.github.com>

2020-07-09 15:24:36 -06:00

..

__init__.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

__main__.py

Switch to click.echo() for the banner

2020-06-29 23:58:20 -06:00

attack.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

beats.py

Add dataset and index to network rules (#15)

2020-07-08 13:19:35 -06:00

ecs.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

eswrap.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

main.py

Add kibana-push command (#38)

2020-07-08 18:02:12 -06:00

mappings.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

misc.py

Package kibana index file with release rules (#40)

2020-07-08 18:58:00 -05:00

packaging.py

Package kibana index file with release rules (#40)

2020-07-08 18:58:00 -05:00

rule_formatter.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

rule_loader.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

rule.py

Remove unreachable and legacy code

2020-06-30 10:12:23 -06:00

schema.py

[New Rule] Elastic Endpoint and External Alerts (#42)

2020-07-09 15:24:36 -06:00

semver.py

Add rule loader and dependencies

2020-06-29 23:17:42 -06:00

utils.py

Remove unreachable and legacy code

2020-06-30 10:12:23 -06:00