Merge pull request #101 from splunk/bug_match_es_spelling

Update constants.py
splunk · Feb 9, 2024 · 933aa33 · 933aa33
2 parents e854add + bdc28c4
commit 933aa33
Show file tree

Hide file tree

Showing 5 changed files with 6 additions and 142 deletions.
diff --git a/contentctl/helper/constants.py b/contentctl/helper/constants.py
diff --git a/contentctl/input/detection_builder.py b/contentctl/input/detection_builder.py
@@ -13,8 +13,7 @@
 from contentctl.enrichments.cve_enrichment import CveEnrichment
 from contentctl.enrichments.splunk_app_enrichment import SplunkAppEnrichment
 from contentctl.objects.config import ConfigDetectionConfiguration
-from contentctl.helper.constants import *
-
+from contentctl.objects.constants import ATTACK_TACTICS_KILLCHAIN_MAPPING
 
 class DetectionBuilder():
     security_content_obj : SecurityContentObject

diff --git a/contentctl/input/sigma_converter.py b/contentctl/input/sigma_converter.py
@@ -16,7 +16,6 @@
 from contentctl.input.yml_reader import YmlReader
 from contentctl.objects.detection import Detection
 from contentctl.objects.data_source import DataSource
-from contentctl.helper.constants import *
 from contentctl.objects.enums import *
 from contentctl.helper.utils import Utils
 from contentctl.input.backend_splunk_ba import SplunkBABackend

diff --git a/contentctl/input/ssa_detection_builder.py b/contentctl/input/ssa_detection_builder.py
@@ -12,7 +12,7 @@
 from contentctl.enrichments.cve_enrichment import CveEnrichment
 from contentctl.enrichments.splunk_app_enrichment import SplunkAppEnrichment
 from contentctl.objects.ssa_detection import SSADetection
-from contentctl.helper.constants import *
+from contentctl.objects.constants import ATTACK_TACTICS_KILLCHAIN_MAPPING
 
 
 class SSADetectionBuilder():

diff --git a/contentctl/objects/constants.py b/contentctl/objects/constants.py
@@ -11,8 +11,8 @@
     "Discovery": "Exploitation", 
     "Lateral Movement": "Exploitation",
     "Collection": "Exploitation",
-    "Command And Control": "Command And Control",
-    "Command And Control": "Command And Control",
+    "Command And Control": "Command and Control",
+    "Command And Control": "Command and Control",
     "Exfiltration": "Actions on Objectives",
     "Impact": "Actions on Objectives"
 }
@@ -74,7 +74,7 @@
     "Delivery": 3,
     "Exploitation": 4,
     "Installation": 5,
-    "Command And Control": 6,
+    "Command and Control": 6,
     "Actions on Objectives": 7
 }
 
@@ -132,4 +132,4 @@
     "Command_and_Control": "TA0011",
     "Exfiltration": "TA0010",
     "Impact": "TA0040"
-}
+}