Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Tanium threat response connector #1627

Closed
wants to merge 50 commits into from
Closed

Tanium threat response connector #1627

wants to merge 50 commits into from

Conversation

DerekRushton
Copy link
Collaborator

Tanium threat response connector

DerekRushton and others added 27 commits October 27, 2023 09:04
@DerekRushton
CP4S-39527 Initial Translation Code - Draft
603fb68
@DerekRushton
Tanium Threat Response
2d41003
@thangaraj-ramesh @DerekRushton
Fix Azure log analytics results translation. (#1612)
6518434 
Updating azure log analytics review comments.
1. Added transformer for converting int to float for latitude.
2.Updated TimestampConversion transformer to handle without milliseconds and added mappings for first and last observed.
3. Updated transformer to handle ConfidenceScore value is 'nan'.
@dependabot @DerekRushton
Bump aioboto3 from 11.3.1 to 12.0.0 in /stix_shifter (#1611)
2da1bb8 
Bumps [aioboto3](https://github.com/terrycain/aioboto3) from 11.3.1 to 12.0.0.
- [Changelog](https://github.com/terrycain/aioboto3/blob/main/CHANGELOG.rst)
- [Commits](terricain/aioboto3@v11.3.1...v12.0.0)

---
updated-dependencies:
- dependency-name: aioboto3
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @DerekRushton
Bump pyopenssl from 23.2.0 to 23.3.0 in /stix_shifter (#1610)
65b57d0 
Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 23.2.0 to 23.3.0.
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](pyca/pyopenssl@23.2.0...23.3.0)

---
updated-dependencies:
- dependency-name: pyopenssl
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@DerekRushton
table of mapping script update for to-stix dialects (#1609)
dd81972
@dependabot @DerekRushton
Bump azure-identity from 1.14.1 to 1.15.0 in /stix_shifter (#1614)
fc72162 
Bumps [azure-identity](https://github.com/Azure/azure-sdk-for-python) from 1.14.1 to 1.15.0.
- [Release notes](https://github.com/Azure/azure-sdk-for-python/releases)
- [Changelog](https://github.com/Azure/azure-sdk-for-python/blob/main/doc/esrp_release.md)
- [Commits](Azure/azure-sdk-for-python@azure-identity_1.14.1...azure-identity_1.15.0)

---
updated-dependencies:
- dependency-name: azure-identity
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @DerekRushton
Bump flatten-json from 0.1.13 to 0.1.14 in /stix_shifter (#1613)
864df61 
Bumps [flatten-json](https://github.com/amirziai/flatten) from 0.1.13 to 0.1.14.
- [Release notes](https://github.com/amirziai/flatten/releases)
- [Commits](https://github.com/amirziai/flatten/commits)

---
updated-dependencies:
- dependency-name: flatten-json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@DerekRushton
Update CHANGELOG.md for 6.3.0
5613e39
@thangaraj-ramesh @DerekRushton
Cisco secure email added readme detailed file. (#1615)
efeafa4
@DerekRushton
Added tested communication code for Tanium
84abe79
@DerekRushton
Merge branch 'develop' into Tanium_Threat_Response_Connector
890b3cd
@DerekRushton
Added suggestions from Azam.
ff3f446
@mdazam1942 @DerekRushton
Fix parameter assignment in error handling function (#1616)
cfc9ef9
@mdazam1942 @DerekRushton
Remove future timestamp qualifier conditions (#1619)
ab45dfc
@mdazam1942 @DerekRushton
Make sure certificate is verified when required by RestApiClientAsync (
26ada3a 
…#1620)

Deprecates selfSignedCert: false bypasss
@DerekRushton
Update CHANGELOG.md for 7.0.0
07fbd98
@subbyte @DerekRushton
add email-message translation to ecs (#1621)
63a2b59
@mdazam1942 @DerekRushton
Update group_ref keyword documenation (#1622)
9c01cd5
@DerekRushton
Initial To Stix mapping - Event and Transformers
a47f9ee
@DerekRushton
Another temporary commit to hold x-oca-event form
d018be0
@DerekRushton
Finished up the to_stix mapping + test.
3fbe023
@DerekRushton
Removed additional event data.
6eb509d
@DerekRushton
Fixing the unittest failure
f2dad06
@DerekRushton
Another Attempt
09b9e8e
@mdazam1942
Merge branch 'develop' into Tanium_Threat_Response_Connector
5c2b563
@DerekRushton
Merge branch 'develop' into Tanium_Threat_Response_Connector
2f19314
@codecov Codecov
Copy link

codecov bot commented Dec 7, 2023
edited
Loading

Codecov Report

Attention: Patch coverage is 95.33170% with 38 lines in your changes are missing coverage. Please review.

Project coverage is 86.34%. Comparing base (58df245) to head (9d3b2b0).
Report is 94 commits behind head on develop.

Current head 9d3b2b0 differs from pull request most recent head 7557411

Please upload reports for the commit 7557411 to get more accurate results.

Files Patch % Lines
...er_modules/tanium/stix_translation/transformers.py 82.25% 11 Missing ⚠️
...m/tests/stix_translation/test_from_json_to_stix.py 96.48% 11 Missing ⚠️
...dules/tanium/stix_translation/query_constructor.py 92.92% 7 Missing ⚠️
...r_modules/tanium/stix_transmission/error_mapper.py 85.00% 3 Missing ⚠️
.../tests/stix_translation/test_from_stix_to_query.py 96.59% 3 Missing ⚠️
..._modules/tanium/stix_transmission/tanium_config.py 85.71% 2 Missing ⚠️
...fter_modules/tanium/stix_transmission/connector.py 98.70% 1 Missing ⚠️
Additional details and impacted files 
@@             Coverage Diff             @@
##           develop    #1627      +/-   ##
===========================================
+ Coverage    86.30%   86.34%   +0.03%     
===========================================
  Files          588      592       +4     
  Lines        50221    50597     +376     
===========================================
+ Hits         43345    43687     +342     
- Misses        6876     6910      +34

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@mdazam1942 mdazam1942 marked this pull request as ready for review January 23, 2024 13:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mdazam1942 mdazam1942 mdazam1942 left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@DerekRushton @mdazam1942 @thangaraj-ramesh @subbyte @Alex-Kidston