@cccsaurora/howler-ui 2.13.0-dev.96 → 2.13.1

package/components/routes/templates/Templates.js

@@ -1,18 +1,16 @@
 import { jsx as _jsx, jsxs as _jsxs } from "react/jsx-runtime";
-import { Article, KeyboardArrowDown } from '@mui/icons-material';
-import { Box, Card, Collapse, IconButton, Stack, ToggleButton, ToggleButtonGroup, Tooltip, Typography } from '@mui/material';
+import { Article } from '@mui/icons-material';
+import { Stack, ToggleButton, ToggleButtonGroup, Typography } from '@mui/material';
 import api from '@cccsaurora/howler-ui/api';
 import { useAppUser } from '@cccsaurora/howler-ui/commons/components/app/hooks';
-import { TemplateContext } from '@cccsaurora/howler-ui/components/app/providers/TemplateProvider';
 import { TuiListProvider } from '@cccsaurora/howler-ui/components/elements/addons/lists';
 import { TuiListMethodContext } from '@cccsaurora/howler-ui/components/elements/addons/lists/TuiListProvider';
 import ItemManager from '@cccsaurora/howler-ui/components/elements/display/ItemManager';
 import useMyApi from '@cccsaurora/howler-ui/components/hooks/useMyApi';
 import { useMyLocalStorageItem } from '@cccsaurora/howler-ui/components/hooks/useMyLocalStorage';
-import { useCallback, useContext, useEffect, useMemo, useState } from 'react';
+import { useCallback, useContext, useEffect, useState } from 'react';
 import { useTranslation } from 'react-i18next';
 import { useNavigate, useSearchParams } from 'react-router-dom';
-import { useContextSelector } from 'use-context-selector';
 import { StorageKey } from '@cccsaurora/howler-ui/utils/constants';
 import TemplateCard from './TemplateCard';
 const TemplatesBase = () => {
@@ -22,11 +20,9 @@ const TemplatesBase = () => {
     const { dispatchApi } = useMyApi();
     const [searchParams, setSearchParams] = useSearchParams();
     const { load } = useContext(TuiListMethodContext);
-    const templates = useContextSelector(TemplateContext, ctx => ctx.templates);
     const pageCount = useMyLocalStorageItem(StorageKey.PAGE_COUNT, 25)[0];
     const [phrase, setPhrase] = useState('');
     const [offset, setOffset] = useState(parseInt(searchParams.get('offset')) || 0);
-    const [showBuiltins, setShowBuiltins] = useState(true);
     const [response, setResponse] = useState(null);
     const [types, setTypes] = useState([]);
     const [hasError, setHasError] = useState(false);
@@ -100,15 +96,12 @@ const TemplatesBase = () => {
         }
         // eslint-disable-next-line react-hooks/exhaustive-deps
     }, [offset]);
-    const builtInTemplates = useMemo(() => templates.filter(template => template.type === 'readonly'), [templates]);
     const renderer = useCallback((item, className) => _jsx(TemplateCard, { template: item, className: className }), []);
     return (_jsx(ItemManager, { onSearch: onSearch, onPageChange: onPageChange, phrase: phrase, setPhrase: setPhrase, hasError: hasError, searching: searching, searchFilters: _jsx(Stack, { direction: "row", spacing: 1, alignItems: "center", children: _jsxs(ToggleButtonGroup, { sx: { display: 'grid', gridTemplateColumns: '1fr 1fr', alignSelf: 'start' }, size: "small", value: types, onChange: (__, _types) => {
                     if (_types) {
                         setTypes(_types.length < 2 ? _types : []);
                     }
-                }, children: [_jsx(ToggleButton, { value: "personal", "aria-label": "personal", children: t('route.templates.manager.personal') }), _jsx(ToggleButton, { value: "global", "aria-label": "global", children: t('route.templates.manager.global') })] }) }), aboveSearch: _jsx(Typography, { sx: theme => ({ fontStyle: 'italic', color: theme.palette.text.disabled, mb: 0.5 }), variant: "body2", children: t('route.templates.search.prompt') }), belowSearch: types.length !== 1 &&
-            offset < 1 &&
-            builtInTemplates.length > 0 && (_jsx(Card, { sx: { p: 1, mb: 1 }, children: _jsxs(Stack, { children: [_jsxs(Stack, { direction: "row", alignItems: "center", spacing: 1, children: [_jsx(Typography, { children: t('route.templates.builtin.show') }), _jsx(Tooltip, { title: t(`route.templates.builtin.${showBuiltins ? 'hide' : 'show'}`), children: _jsx(IconButton, { size: "small", onClick: () => setShowBuiltins(!showBuiltins), children: _jsx(KeyboardArrowDown, { fontSize: "small", sx: { transition: 'rotate 250ms', rotate: showBuiltins ? '180deg' : '0deg' } }) }) })] }), _jsxs(Collapse, { in: showBuiltins, children: [_jsx(Box, { sx: { mt: 1 } }), builtInTemplates.map(template => renderer(template))] })] }) })), renderer: ({ item }, classRenderer) => renderer(item.item, classRenderer()), response: response, onSelect: (item) => navigate(`/templates/view?type=${item.item.type}&analytic=${item.item.analytic}${item.item.detection ? '&detection=' + item.item.detection : ''}`), onCreate: () => navigate('/templates/view'), createPrompt: "route.templates.create", searchPrompt: "route.templates.manager.search", createIcon: _jsx(Article, { sx: { mr: 1 } }) }));
+                }, children: [_jsx(ToggleButton, { value: "personal", "aria-label": "personal", children: t('route.templates.manager.personal') }), _jsx(ToggleButton, { value: "global", "aria-label": "global", children: t('route.templates.manager.global') })] }) }), aboveSearch: _jsx(Typography, { sx: theme => ({ fontStyle: 'italic', color: theme.palette.text.disabled, mb: 0.5 }), variant: "body2", children: t('route.templates.search.prompt') }), renderer: ({ item }, classRenderer) => renderer(item.item, classRenderer()), response: response, onSelect: (item) => navigate(`/templates/view?type=${item.item.type}&analytic=${item.item.analytic}${item.item.detection ? '&detection=' + item.item.detection : ''}`), onCreate: () => navigate('/templates/view'), createPrompt: "route.templates.create", searchPrompt: "route.templates.manager.search", createIcon: _jsx(Article, { sx: { mr: 1 } }) }));
 };
 const Templates = () => {
     return (_jsx(TuiListProvider, { children: _jsx(TemplatesBase, {}) }));

package/components/routes/views/ViewComposer.js

@@ -72,7 +72,14 @@ const ViewComposer = () => {
                 navigate(`/views/${newView.view_id}`);
             }
             else {
-                await editView(routeParams.id, title, query, sort || null, span || null, advanceOnTriage);
+                await editView(routeParams.id, {
+                    title,
+                    type,
+                    query,
+                    sort,
+                    span,
+                    settings: { advance_on_triage: advanceOnTriage }
+                });
             }
             showSuccessMessage(t(routeParams.id ? 'route.views.update.success' : 'route.views.create.success'));
         }

package/components/routes/views/Views.js

@@ -39,7 +39,7 @@ const ViewsBase = () => {
     const [phrase, setPhrase] = useState('');
     const [offset, setOffset] = useState(parseInt(searchParams.get('offset')) || 0);
     const [response, setResponse] = useState(null);
-    const [types, setTypes] = useState([]);
+    const [type, setType] = useState(searchParams.get('type') || null);
     const [hasError, setHasError] = useState(false);
     const [searching, setSearching] = useState(false);
     const [favouritesOnly, setFavouritesOnly] = useState(false);
@@ -58,7 +58,7 @@ const ViewsBase = () => {
             setSearchParams(searchParams, { replace: true });
             const searchTerm = phrase ? `*${sanitizeLuceneQuery(phrase)}*` : '*';
             const phraseQuery = FIELDS_TO_SEARCH.map(_field => `${_field}:${searchTerm}`).join(' OR ');
-            const typeQuery = `(type:global OR owner:(${user.username} OR none)) AND type:(${types.join(' OR ') || '*'}${types.includes('personal') ? ' OR readonly' : ''})`;
+            const typeQuery = `(type:global OR owner:(${user.username} OR none)) AND type:(${type ?? '*'}${type === 'personal' ? ' OR readonly' : ''})`;
             const favouritesQuery = favouritesOnly && user.favourite_views.length > 0 ? ` AND view_id:(${user.favourite_views.join(' OR ')})` : '';
             setResponse(await dispatchApi(api.search.view.post({
                 query: `(${phraseQuery}) AND ${typeQuery}${favouritesQuery}`,
@@ -78,7 +78,7 @@ const ViewsBase = () => {
         searchParams,
         user.username,
         user.favourite_views,
-        types,
+        type,
         favouritesOnly,
         dispatchApi,
         pageCount,
@@ -132,9 +132,29 @@ const ViewsBase = () => {
             setDefaultViewLoading(false);
         }
     }, [fetchViews]);
+    const onTypeChange = useCallback(async (_type) => {
+        setType(_type);
+        if (_type) {
+            searchParams.delete('type');
+            searchParams.set('type', _type);
+            setSearchParams(searchParams, { replace: true });
+        }
+        else if (searchParams.has('type')) {
+            searchParams.delete('type');
+            setSearchParams(searchParams, { replace: true });
+        }
+    }, [searchParams, setSearchParams]);
     useEffect(() => {
+        let changed = false;
         if (!searchParams.has('offset')) {
             searchParams.set('offset', '0');
+            changed = true;
+        }
+        if (searchParams.has('type') && !['personal', 'global'].includes(searchParams.get('type'))) {
+            searchParams.delete('type');
+            changed = true;
+        }
+        if (changed) {
             setSearchParams(searchParams, { replace: true });
         }
     }, [searchParams, setSearchParams]);
@@ -150,12 +170,8 @@ const ViewsBase = () => {
             onSearch();
         }
         // eslint-disable-next-line react-hooks/exhaustive-deps
-    }, [offset, favouritesOnly, types]);
-    return (_jsx(ItemManager, { onSearch: onSearch, onPageChange: onPageChange, phrase: phrase, setPhrase: setPhrase, hasError: hasError, searching: searching, searchFilters: _jsx(Stack, { direction: "row", spacing: 1, alignItems: "center", children: _jsxs(ToggleButtonGroup, { sx: { display: 'grid', gridTemplateColumns: '1fr 1fr' }, size: "small", value: types, onChange: (__, _types) => {
-                    if (_types) {
-                        setTypes(_types.length < 2 ? _types : []);
-                    }
-                }, children: [_jsx(ToggleButton, { value: "personal", "aria-label": "personal", children: t('route.views.manager.personal') }), _jsx(ToggleButton, { value: "global", "aria-label": "global", children: t('route.views.manager.global') })] }) }), aboveSearch: _jsx(Typography, { sx: theme => ({ fontStyle: 'italic', color: theme.palette.text.disabled, mb: 0.5 }), variant: "body2", children: t('route.views.search.prompt') }), afterSearch: size(views) > 0 ? (_jsx(Autocomplete, { open: defaultViewOpen, loading: defaultViewLoading, onOpen: onDefaultViewOpen, onClose: () => setDefaultViewOpen(false), options: Object.values(omitBy(views, isNull)), renderOption: ({ key, ...props }, o) => (_createElement("li", { ...props, key: key },
+    }, [offset, favouritesOnly, type]);
+    return (_jsx(ItemManager, { onSearch: onSearch, onPageChange: onPageChange, phrase: phrase, setPhrase: setPhrase, hasError: hasError, searching: searching, searchFilters: _jsx(Stack, { direction: "row", spacing: 1, alignItems: "center", children: _jsxs(ToggleButtonGroup, { sx: { display: 'grid', gridTemplateColumns: '1fr 1fr' }, size: "small", value: type, exclusive: true, onChange: (__, _type) => onTypeChange(_type), children: [_jsx(ToggleButton, { value: "personal", "aria-label": "personal", children: t('route.views.manager.personal') }), _jsx(ToggleButton, { value: "global", "aria-label": "global", children: t('route.views.manager.global') })] }) }), aboveSearch: _jsx(Typography, { sx: theme => ({ fontStyle: 'italic', color: theme.palette.text.disabled, mb: 0.5 }), variant: "body2", children: t('route.views.search.prompt') }), afterSearch: size(views) > 0 ? (_jsx(Autocomplete, { open: defaultViewOpen, loading: defaultViewLoading, onOpen: onDefaultViewOpen, onClose: () => setDefaultViewOpen(false), options: Object.values(omitBy(views, isNull)), renderOption: ({ key, ...props }, o) => (_createElement("li", { ...props, key: key },
                 _jsxs(Stack, { children: [_jsx(Typography, { variant: "body1", children: t(o.title) }), _jsx(Typography, { variant: "caption", children: _jsx("code", { children: o.query }) })] }))), renderInput: params => (_jsx(TextField, { ...params, label: t('route.views.manager.default'), sx: { minWidth: '300px' } })), filterOptions: (_views, { inputValue }) => _views.filter(v => t(v.title).toLowerCase().includes(inputValue.toLowerCase()) ||
                 v.query.toLowerCase().includes(inputValue.toLowerCase())), getOptionLabel: (v) => t(v.title), isOptionEqualToValue: (view, value) => view.view_id === value.view_id, value: views[defaultView] ?? null, onChange: (_, option) => setDefaultView(option?.view_id) })) : (_jsx(Skeleton, { variant: "rounded", width: "300px", height: "initial" })), belowSearch: _jsxs(Stack, { direction: "row", spacing: 1, alignItems: "center", children: [_jsx(Checkbox, { size: "small", disabled: user.favourite_views?.length < 1, checked: favouritesOnly, onChange: (_, checked) => setFavouritesOnly(checked) }), _jsx(Typography, { variant: "body1", sx: theme => ({ color: theme.palette.text.disabled }), children: t('route.views.manager.favourites') })] }), renderer: ({ item }, classRenderer) => (_jsx(Card, { variant: "outlined", sx: { p: 1, mb: 1, transitionProperty: 'border-color', '&:hover': { borderColor: 'primary.main' } }, className: classRenderer(), children: _jsxs(Stack, { direction: "row", alignItems: "center", spacing: 1, sx: { color: 'inherit', textDecoration: 'none' }, component: Link, to: `/views/${item.item.view_id}`, children: [_jsx(ViewTitle, { ...item.item }), _jsx(FlexOne, {}), ((item.item.owner === user.username && item.item.type !== 'readonly') ||
                         (item.item.type === 'global' && user.is_admin)) && (_jsx(Tooltip, { title: t('button.edit'), children: _jsx(IconButton, { component: Link, to: `/views/${item.item.view_id}/edit?query=${item.item.query}`, children: _jsx(Edit, {}) }) })), item.item.owner === user.username && item.item.type !== 'readonly' && (_jsx(Tooltip, { title: t('button.delete'), children: _jsx(IconButton, { onClick: event => onDelete(event, item.item.view_id), children: _jsx(Clear, {}) }) })), item.item.type === 'global' && item.item.owner !== user.username && (_jsx(Tooltip, { title: item.item.owner, children: _jsx("div", { children: _jsx(HowlerAvatar, { sx: { width: 24, height: 24, marginRight: '8px !important', marginLeft: '8px !important' }, userId: item.item.owner }) }) })), _jsx(Tooltip, { title: t('button.pin'), children: _jsx(IconButton, { onClick: e => onFavourite(e, item.item.view_id), children: user.favourite_views?.includes(item.item.view_id) ? _jsx(Star, {}) : _jsx(StarBorder, {}) }) })] }) }, item.item.view_id)), response: response, searchPrompt: "route.views.manager.search", onCreate: () => navigate('/views/create'), createPrompt: "route.views.create", createIcon: _jsx(SavedSearch, { sx: { mr: 1 } }) }));

package/index.js

@@ -1,10 +1,17 @@
 import { jsx as _jsx } from "react/jsx-runtime";
 import '@fontsource/roboto';
 import App from '@cccsaurora/howler-ui/components/app/App';
+import dayjs from 'dayjs';
+import duration from 'dayjs/plugin/duration';
+import relativeTime from 'dayjs/plugin/relativeTime';
+import utc from 'dayjs/plugin/utc';
 import '@cccsaurora/howler-ui/i18n';
 import 'index.css';
 // import howlerPluginStore from '@cccsaurora/howler-ui/plugins/store';
 import * as ReactDOM from 'react-dom/client';
+dayjs.extend(utc);
+dayjs.extend(duration);
+dayjs.extend(relativeTime);
 // This is where you can inject UI plugins to modify Howler's interface.
 // howlerPluginStore.install(new ExamplePlugin());
 ReactDOM.createRoot(document.getElementById('root')).render(_jsx(App, {}));

package/locales/en/help/search.json

@@ -26,6 +26,23 @@
     "fields.idx_view": "View index",
     "fields.important": "Important",
     "fields.important.text": "When using the search engine in the UI, your search query is performed on all these indexes at the same time unless you explicitly specify which index you want to target.",
+    "fields.textvskeywords": "Text vs Keywords",
+    "fields.textvskeywords.description": "The text field and the keyword field in Howler have differences which grant them their own use cases. These differences are shown as follows:",
+    "fields.textvskeywords.keywordfamily": "The keyword family is optimized for fields that represent individual data and includes the following field types:",
+    "fields.textvskeywords.wildcard": "wildcard",
+    "fields.textvskeywords.wildcard.description": "The wildcard type is optimized for fields with large values or high cardinality. This is the case for most telemetry fields.",
+    "fields.textvskeywords.keyword": "keyword",
+    "fields.textvskeywords.keyword.description": "Used for structured content with defined values, such as Howler specific fields. These fields do not support wildcard searches.",
+    "fields.textvskeywords.constantkeyword": "constant_keyword",
+    "fields.textvskeywords.constantkeyword.description": "For keyword fields that always contain the same value. This type should seldom be necessary.",
+    "fields.textvskeywords.keyword.more.info": "For more information regarding the Keyword field please checkout the official Elasticsearch documentation:",
+    "fields.textvskeywords.textfamily": "The Text family is optimized for searching unstructured human-readable content and includes the following field types:",
+    "fields.textvskeywords.text": "text",
+    "fields.textvskeywords.text.description": "Traditional field type for full-text content such as the body of an email or document.",
+    "fields.textvskeywords.matchonlytext": "match_only_text",
+    "fields.textvskeywords.matchonlytext.description": "A space-optimized variant of text that disables scoring and performs slower on queries that need positions. It is best suited for indexing log messages.",
+    "fields.textvskeywords.text.more.info": "For more information regarding the Text field please checkout the official Elasticsearch documentation:",
+    "fields.textvskeywords.text.keyword.compare": "To get a full list of the different use cases for both Keyword and Text fields, please checkout:",
     "fields.legend": "Legend",
     "fields.legend.default": "Queried when no fields are specified",
     "fields.legend.ip_field": "Can be queried using CIDR notation",

package/locales/en/translation.json

@@ -143,7 +143,7 @@
     "hit.details.actions.vote": "Vote",
     "hit.details.actions.vote.novote": "No Vote",
     "hit.details.asessments.ambiguous.description": "The nature of the hit was not successfully determined based on available data.",
-    "hit.details.asessments.attempt.description": "The hit was part of a failed attempt to compromise.",
+    "hit.details.asessments.attempt.description": "The hit represents malicious activity attempting to compromise systems or data.",
     "hit.details.asessments.compromise.description": "The hit was part of a successful compromise.",
     "hit.details.asessments.development.description": "The hit is related to development activity and should be ignored.",
     "hit.details.asessments.false-positive.description": "The hit is not related to the detection that created it.",
@@ -431,8 +431,13 @@
     "route.advanced.query.yaml": "Sigma Rule",
     "route.advanced.query.yaml.description": "Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. The rule format is very flexible, easy to write and applicable to any type of log file.",
     "route.advanced.result.title": "Howler Advanced Search",
-    "route.advanced.result.description": "Excecute a query to show results here.",
-    "route.advanced.type": "Rule Type",
+    "route.advanced.result.description": "Execute a query to show results here.",
+    "route.advanced.rule.type": "Rule Type",
+    "route.advanced.pivot.field": "Group By Field",
+    "route.advanced.query.type": "Query Type",
+    "route.advanced.query.type.default": "Default",
+    "route.advanced.query.type.facet": "Facet",
+    "route.advanced.query.type.groupby": "Group By",
     "route.analytics": "Analytics",
     "route.analytics.deleted": "Deleted Rule!",
     "route.analytics.detections": "Detections:",
@@ -553,6 +558,7 @@
     "route.home": "User Dashboard",
     "route.login.button.oauth": "Sign in with",
     "route.search": "Search",
+    "route.clear": "Clear query",
     "route.history": "History mode: See all previous queries",
     "route.templates": "Templates",
     "route.templates.analytic": "Choose Analytic",
@@ -587,6 +593,8 @@
     "route.overviews.manager.search": "Search Overviews",
     "route.overviews.manager.delete": "Delete Overview",
     "route.overviews.manager.delete.success": "Overview Removed.",
+    "route.overviews.theme.light": "Preview in Light Mode",
+    "route.overviews.theme.dark": "Preview in Dark Mode",
     "route.dossiers": "Dossiers",
     "route.dossiers.default": "Default",
     "route.dossiers.search.prompt": "Search by title, query, or owner.",
@@ -639,6 +647,7 @@
     "route.views.manager.search": "Search Views",
     "route.views.manager.default": "Default View",
     "route.views.name": "View Name",
+    "route.views.save": "Save Query as View",
     "route.views.saved": "Pinned Views",
     "route.views.search.prompt": "Search by name, query, or owner.",
     "search.open": "Open Search",

package/locales/fr/help/search.json

@@ -26,6 +26,23 @@
     "fields.idx_view": "Index des vues",
     "fields.important": "Important",
     "fields.important.text": "Lorsque vous utilisez le moteur de recherche dans l'interface utilisateur, votre requête de recherche est effectuée sur tous ces index en même temps, sauf si vous spécifiez explicitement l'index que vous souhaitez cibler.",
+    "fields.textvskeywords": "Texte vs mots-clés",
+    "fields.textvskeywords.description": "Le champ de texte et le champ de mot-clé dans Howler présentent des différences qui leur confèrent leurs propres cas d'utilisation. Ces différences sont présentées comme suit :",
+    "fields.textvskeywords.keywordfamily": "La famille de mots-clés est optimisée pour les champs qui représentent des données individuelles et comprend les types de champs suivants :",
+    "fields.textvskeywords.wildcard": "wildcard",
+    "fields.textvskeywords.wildcard.description": "Le type générique est optimisé pour les champs contenant des valeurs importantes ou présentant une cardinalité élevée. C'est le cas de la plupart des champs de télémétrie.",
+    "fields.textvskeywords.keyword": "keyword",
+    "fields.textvskeywords.keyword.description": "Utilisé pour le contenu structuré avec des valeurs définies, telles que les champs spécifiques à Howler. Ces champs ne prennent pas en charge les recherches avec caractères génériques.",
+    "fields.textvskeywords.constantkeyword": "constant_keyword",
+    "fields.textvskeywords.constantkeyword.description": "Pour les champs de mots-clés qui contiennent toujours la même valeur. Ce type devrait rarement être nécessaire.",
+    "fields.textvskeywords.keyword.more.info": "Pour plus d'informations sur le champ Keyword, veuillez consulter la documentation officielle d'Elasticsearch :",
+    "fields.textvskeywords.textfamily": "La famille Text est optimisée pour la recherche de contenu non structuré lisible par l'homme et comprend les types de champs suivants :",
+    "fields.textvskeywords.text": "text",
+    "fields.textvskeywords.text.description": "Type de champ traditionnel pour le contenu en texte intégral, tel que le corps d'un e-mail ou d'un document.",
+    "fields.textvskeywords.matchonlytext": "match_only_text",
+    "fields.textvskeywords.matchonlytext.description": "Une variante du texte optimisée pour l'espace qui désactive le scoring et est moins performante pour les requêtes nécessitant des positions. Elle est particulièrement adaptée à l'indexation des messages de journal.",
+    "fields.textvskeywords.text.more.info": "Pour plus d'informations concernant le champ Texte, veuillez consulter la documentation officielle d'Elasticsearch :",
+    "fields.textvskeywords.text.keyword.compare": "Pour obtenir la liste complète des différents cas d'utilisation des champs Mot-clé et Texte, veuillez consulter :",
     "fields.legend": "Légende",
     "fields.legend.default": "Interrogé lorsqu'aucun champ n'est spécifié",
     "fields.legend.ip_field": "Peut être interrogé en utilisant la notation CIDR",

package/locales/fr/translation.json

@@ -143,7 +143,7 @@
     "hit.details.actions.vote": "Voter",
     "hit.details.actions.vote.novote": "Pas de vote",
     "hit.details.asessments.ambiguous.description": "La nature du hit n'a pas pu être déterminée avec succès sur la base des données disponibles.",
-    "hit.details.asessments.attempt.description": "Le hit faisait partie d'une tentative de compromis qui a échoué.",
+    "hit.details.asessments.attempt.description": "Le hit représente une activité malveillante visant à compromettre des systèmes ou des données.",
     "hit.details.asessments.compromise.description": "Le hit fait partie d'un compromis réussi.",
     "hit.details.asessments.development.description": "Le hit est liée à une activité de développement et doit être ignorée.",
     "hit.details.asessments.false-positive.description": "Le hit n'est pas lié à la détection qui l'a créé.",
@@ -431,8 +431,13 @@
     "route.advanced.query.yaml": "Règle Sigma",
     "route.advanced.query.yaml.description": "Sigma est un format de signature générique et ouvert qui vous permet de décrire des événements de journal pertinents de manière directe. Le format de règle est très flexible, facile à écrire et applicable à tout type de fichier journal.",
     "route.advanced.result.title": "Recherche avancée de howler",
-    "route.advanced.result.description": "Excecutez une requête pour afficher les résultats ici.",
-    "route.advanced.type": "Type de règle",
+    "route.advanced.result.description": "Exécutez une requête pour afficher les résultats ici.",
+    "route.advanced.rule.type": "Type de règle",
+    "route.advanced.pivot.field": "Champ à regrouper par",
+    "route.advanced.query.type": "Type de requête",
+    "route.advanced.query.type.default": "Défaut",
+    "route.advanced.query.type.facet": "Facette",
+    "route.advanced.query.type.groupby": "Regrouper",
     "route.analytics": "Analyses",
     "route.analytics.deleted": "Règle supprimée!",
     "route.analytics.detections": "Détections:",
@@ -551,6 +556,7 @@
     "route.home.title": "Howler",
     "route.home": "Tableau de bord utilisateur",
     "route.history": "Mode historique : Voir toutes les requêtes précédentes",
+    "route.clear": "Effacer la requête",
     "route.help.hit.banner": "Documentation sur en-tête de hit",
     "route.login.button.oauth": "Se connecter avec",
     "route.templates": "Modèles",
@@ -585,7 +591,8 @@
     "route.overviews.manager.search": "Rechercher les vues d'ensemble",
     "route.overviews.manager.delete": "Supprimer la vue d'ensemble",
     "route.overviews.manager.delete.success": "Vue d'ensemble Supprimée.",
-    "route.overviews.rule.explanation": "Il s'agit d'une analyse Howler. Il n'y a qu'une seule détection, qui a été présélectionnée.",
+    "route.overviews.theme.light": "Prévoyez en mode clair",
+    "route.overviews.theme.dark": "Prévoyez en mode sombre",
     "route.dossiers": "Dossiers",
     "route.dossiers.default": "Défaut",
     "route.dossiers.search.prompt": "Recherche par titre, requête ou propriétaire.",
@@ -635,6 +642,7 @@
     "route.views.manager.readonly": "Intégré",
     "route.views.manager.search": "Rechercher les vues",
     "route.views.manager": "Gérer vue",
+    "route.views.save": "Enregistrer cette requête comme vue",
     "route.views.saved": "Vues épinglées",
     "route.views.show": "Voir les vues",
     "route.views": "Vues",

package/models/WithMetadata.d.ts

@@ -0,0 +1,10 @@
+import type { Analytic } from './entities/generated/Analytic';
+import type { Dossier } from './entities/generated/Dossier';
+import type { Overview } from './entities/generated/Overview';
+import type { Template } from './entities/generated/Template';
+export type WithMetadata<T> = T & {
+    __analytic?: Analytic;
+    __overview?: Overview;
+    __template?: Template;
+    __dossiers?: Dossier[];
+};

package/models/WithMetadata.js

@@ -0,0 +1 @@
+export {};

package/models/entities/generated/ApiType.d.ts

@@ -113,6 +113,7 @@ export interface APIConfiguration {
             classification: string;
         }[];
     };
+    mapping: APIMappings;
     features: {
         borealis: boolean;
         notebook: boolean;
@@ -257,9 +258,15 @@ export interface APIC12Ndef {
     UNRESTRICTED: string;
     RESTRICTED: string;
 }
+export interface APIMappings {
+    mapping: {
+        [index: string]: string;
+    };
+}
 export interface ApiType {
     indexes: APIIndexes;
     lookups: APILookups;
     configuration: APIConfiguration;
     c12nDef: APIC12Ndef;
+    mapping: APIMappings;
 }