From 7d9d128cf68eed6eadf4cd5a59c1c51a3462eba4 Mon Sep 17 00:00:00 2001 From: pyth0n1c <87383215+pyth0n1c@users.noreply.github.com> Date: Tue, 24 Sep 2024 09:53:42 -0700 Subject: [PATCH] due to a parsing issue with events created in the risk index, create the detection type as a list of 1 element, the type of the detection --- .../abstract_security_content_objects/detection_abstract.py | 1 + 1 file changed, 1 insertion(+) diff --git a/contentctl/objects/abstract_security_content_objects/detection_abstract.py b/contentctl/objects/abstract_security_content_objects/detection_abstract.py index bd4f83df..6c15f7d2 100644 --- a/contentctl/objects/abstract_security_content_objects/detection_abstract.py +++ b/contentctl/objects/abstract_security_content_objects/detection_abstract.py @@ -248,6 +248,7 @@ def annotations(self) -> dict[str, Union[List[str], int, str]]: annotations_dict["cve"] = self.tags.cve annotations_dict["impact"] = self.tags.impact annotations_dict["type"] = self.type + annotations_dict["type_list"] = [self.type] # annotations_dict["version"] = self.version annotations_dict["data_source"] = self.data_source