contentctl 4.2.4__py3-none-any.whl → 4.2.5__py3-none-any.whl

contentctl/actions/initialize.py

@@ -37,8 +37,9 @@ class Initialize:
             #Throw an exception if the target exists
             shutil.copytree(source_directory, target_directory, dirs_exist_ok=False)
         
-        #Create the config file as well
-        shutil.copyfile(pathlib.Path(os.path.dirname(__file__))/'../templates/README','README')
+        # Create a README.md file.  Note that this is the README.md for the repository, not the
+        # one which will actually be packaged into the app. That is located in the app_template folder.
+        shutil.copyfile(pathlib.Path(os.path.dirname(__file__))/'../templates/README.md','README.md')
 
 
         print(f"The app '{config.app.title}' has been initialized. "

contentctl/contentctl.py

@@ -229,4 +229,7 @@ def main():
             print(e)
             
         sys.exit(1)
-    
+
+
+if __name__ == "__main__":
+    main()

contentctl/objects/correlation_search.py

@@ -104,8 +104,12 @@ class TimeoutConfig(int, Enum):
     # base amount to sleep for before beginning exponential backoff during testing
     BASE_SLEEP = 60
 
-    # max amount to wait before timing out during exponential backoff
-    MAX_SLEEP = 210
+    # NOTE: Some detections take longer to generate their risk/notables than other; testing has
+    #   shown 270s to likely be sufficient for all detections in 99% of runs; however we have
+    #   encountered a handful of transient failures in the last few months. Since our success rate
+    #   is at 100% now, we will round this to a flat 300s to accomodate these outliers.
+    # Max amount to wait before timing out during exponential backoff
+    MAX_SLEEP = 300
 
 
 # TODO (#226): evaluate sane defaults for timeframe for integration testing (e.g. 5y is good

contentctl/output/conf_output.py

@@ -169,15 +169,8 @@ class ConfOutput:
     
     def packageAppSlim(self) -> None:
         
-
-        # input_app_path = pathlib.Path(self.config.build.path_root)/f"{self.config.build.name}"
-        
-        # readme_file = pathlib.Path("README")
-        # if not readme_file.is_file():
-        #     raise Exception("The README file does not exist in this directory. Cannot build app.")
-        # shutil.copyfile(readme_file, input_app_path/readme_file.name)
-        
-        
+        raise Exception("Packaging with splunk-packaging-toolkit not currently supported as slim only supports Python 3.7. "
+                        "Please raise an issue in the contentctl GitHub if you encounter this exception.")
         try:
             import slim
             from slim.utils import SlimLogger

contentctl/templates/README.md

@@ -0,0 +1,10 @@
+# Contentctl App Readme
+
+This README file was automatically created by contentctl init. 
+Please fill it with meaningful information that describes your app.  
+
+Note that this file can contain Markdown and will be richly rendered in GitHub or most other Version Control Systems.
+
+
+Note: This readme file is actually DIFFERENT from the one that will be packaged as part of your App.
+That file is located at app_template/README.md.

{contentctl-4.2.4.dist-info → contentctl-4.2.5.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: contentctl
-Version: 4.2.4
+Version: 4.2.5
 Summary: Splunk Content Control Tool
 License: Apache 2.0
 Author: STRT
@@ -12,7 +12,7 @@ Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
 Requires-Dist: Jinja2 (>=3.1.4,<4.0.0)
 Requires-Dist: PyYAML (>=6.0.1,<7.0.0)
-Requires-Dist: attackcti (>=0.3.7,<0.4.0)
+Requires-Dist: attackcti (>=0.3.7,<0.5.0)
 Requires-Dist: bottle (>=0.12.25,<0.13.0)
 Requires-Dist: docker (>=7.1.0,<8.0.0)
 Requires-Dist: gitpython (>=3.1.43,<4.0.0)

{contentctl-4.2.4.dist-info → contentctl-4.2.5.dist-info}/RECORD

@@ -14,7 +14,7 @@ contentctl/actions/detection_testing/views/DetectionTestingViewCLI.py,sha256=Mos
 contentctl/actions/detection_testing/views/DetectionTestingViewFile.py,sha256=OJgmQgoVnzy7p1MN9bDyKGUhFWKzQc6ejc4F87uZG1I,1123
 contentctl/actions/detection_testing/views/DetectionTestingViewWeb.py,sha256=6mecacXFoTJxcHiRZSnlHos5Hca1jdedEEZfiIAhaJg,4706
 contentctl/actions/doc_gen.py,sha256=YNc1VYA0ikL1hWDHYjfEOmUkfhy8PEIdvTyC4ZLxQRY,863
-contentctl/actions/initialize.py,sha256=BRKmvLr50dnL4SnUEGM6jRfAghfZAmk0hFFWIZcKpxg,1809
+contentctl/actions/initialize.py,sha256=Ifi13REBwQyUfCHma6IzjM_Z8uYEZ3Qz8kmP0WIFbJQ,1975
 contentctl/actions/initialize_old.py,sha256=0qXbW_fNDvkcnEeL6Zpte8d-hpTu1REyzHsXOCY-YB8,9333
 contentctl/actions/inspect.py,sha256=6gVVKmV5CUUYOkNNVTMPKj9bM1uXVthgGCoFKZGDeS8,12628
 contentctl/actions/new_content.py,sha256=o5ZYBQ216RN6TnW_wRxVGJybx2SsJ7ht4PAi1dw45Yg,6076
@@ -23,7 +23,7 @@ contentctl/actions/reporting.py,sha256=MJEmvmoA1WnSFZEU9QM6daL_W94oOX0WXAcX1qAM2
 contentctl/actions/test.py,sha256=dx7f750_MrlvysxOmOdIro1bH0iVKF4K54TSwhvU2MU,5146
 contentctl/actions/validate.py,sha256=2iFhyhh_LXyMAXtkxnYai7CONSVx4Hb8RftEs_Z_7mI,5649
 contentctl/api.py,sha256=FBOpRhbBCBdjORmwe_8MPQ3PRZ6T0KrrFcfKovVFkug,6343
-contentctl/contentctl.py,sha256=Vr2cuvaPjpJpYvD9kVoYq7iD6rhLQEpTKmcGoq4emhA,10470
+contentctl/contentctl.py,sha256=SxWFMYquSYQAATrTBpvfj4j5DRedsOF2xO96ASs74wA,10505
 contentctl/enrichments/attack_enrichment.py,sha256=dVwXcULSeZJuQbeTlPpKDyEB9Y6uCy0UGWI83gPLTI0,6735
 contentctl/enrichments/cve_enrichment.py,sha256=SjiytaZktVNbfICXcZ2vZzBiQpOkug5taPtiJK-S1OE,2313
 contentctl/enrichments/splunk_app_enrichment.py,sha256=zDNHFLZTi2dJ1gdnh0sHkD6F1VtkblqFnhacFcCMBfc,3418
@@ -47,7 +47,7 @@ contentctl/objects/baseline.py,sha256=Lb1vJKtDdlDrzWgrdkC9oQao_TnRrOxSwOWHf4trta
 contentctl/objects/baseline_tags.py,sha256=fVhLF-NmisavybB_idu3N0Con0Ymj8clKfRMkWzBB-k,1762
 contentctl/objects/config.py,sha256=ha18aqKmkYqAvM8YI124q6JYxesYRon9rc0NMWFzCS4,43762
 contentctl/objects/constants.py,sha256=1LjiK9A7t0aHHkJz2mrW-DImdW1P98GPssTwmwNNI_M,3468
-contentctl/objects/correlation_search.py,sha256=QmYUS_yIkLT6sdAodsbc_aHuLHcL9CmY1uBcQZJB8OY,47933
+contentctl/objects/correlation_search.py,sha256=QZp1u-dwTZl9hkUOlJdHQ9h4Hp2bDHWWCKtrp3mvIUY,48310
 contentctl/objects/data_source.py,sha256=aRr6lHu-EtGmi6J2nXKD7i2ozUPtp7X-vDkQiutvD3I,1545
 contentctl/objects/deployment.py,sha256=Qc6M4yeOvxjqFKR8sfjd4CG06AbVheTOqP1mwqo4t8s,2651
 contentctl/objects/deployment_email.py,sha256=Zu9cXZdfOP6noa_mZpiK1GrYCTgi3Mim94iLGjE674c,147
@@ -93,7 +93,7 @@ contentctl/output/api_json_output.py,sha256=n3OTd5z-Vkmsn7ny6QCAar_jSMNuuJfzAQa7
 contentctl/output/attack_nav_output.py,sha256=95iKV8U9BMMgqh6cCOw1S89Ln73xmJGgJPHTYR0L7hA,2304
 contentctl/output/attack_nav_writer.py,sha256=64ILZLmNbh2XLmbopgENkeo6t-4SRRG8xZXBmtpNd4g,2219
 contentctl/output/ba_yml_output.py,sha256=Lrk13Q9-f71i3c0oNrT50G94PxdogG4k4-MI-rTMOAo,5950
-contentctl/output/conf_output.py,sha256=qCRT77UKNFCe4AufeBV8Uz9lkPqgpGzU1Y149RuEnis,10147
+contentctl/output/conf_output.py,sha256=7HcHM9pJLNnan1Kq_7ozvs5iOgfzqdKbO6gwxUZJVnc,9994
 contentctl/output/conf_writer.py,sha256=2TaCAPEtU-bMa7A2m7xOxh93PMpzIdhwiHiPLUCeCB4,8281
 contentctl/output/data_source_writer.py,sha256=ubFjm6XJ4T2d3oqfKwDFasITHeDj3HFmegqVN--5_ME,1635
 contentctl/output/detection_writer.py,sha256=AzxbssNLmsNIOaYKotew5-ONoyq1cQpKSGy3pe191B0,960
@@ -133,7 +133,7 @@ contentctl/output/templates/transforms.j2,sha256=-cSoie0LgJwibtW-GMhc9BQlmS6h1s1
 contentctl/output/templates/workflow_actions.j2,sha256=DFoZVnCa8dMRHjW2AdpoydBC0THgiH_W-Nx7WI4-uR4,925
 contentctl/output/yml_output.py,sha256=xtTD3f_WWy8O6Joi4S8gG9paot8JpQFRlwt17_ek5B4,2682
 contentctl/output/yml_writer.py,sha256=zZJ3aK-l0YQXbDweS-XZKejHblyhy2eliSthZZEogUs,1668
-contentctl/templates/README,sha256=Hg4LI9g_ss8o3u060woDkhunLXHMtKOhuFK2i-xJpuM,133
+contentctl/templates/README.md,sha256=GoRmywUqwnjaehY_GLmGqxsFXCLP9plpDYwB6W6nVPs,428
 contentctl/templates/app_default.yml,sha256=kDeYdJbfMADQPcho8iH1nqgTFrHNt4EXnIJjPHc2unI,6390
 contentctl/templates/app_template/README/essoc_story_detail.txt,sha256=7hFPBfPpRH28TFl7QchKceZLewQqgFjRWDlmxZzwpmo,897
 contentctl/templates/app_template/README/essoc_summary.txt,sha256=u6wYNYBqmmm7Kn_g_Uex8rRzMQ995MUXCavla95Y1dw,2538
@@ -169,8 +169,8 @@ contentctl/templates/detections/web/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRk
 contentctl/templates/macros/security_content_ctime.yml,sha256=Gg1YNllHVsX_YB716H1SJLWzxXZEfuJlnsgB2fuyoHU,159
 contentctl/templates/macros/security_content_summariesonly.yml,sha256=9BYUxAl2E4Nwh8K19F3AJS8Ka7ceO6ZDBjFiO3l3LY0,162
 contentctl/templates/stories/cobalt_strike.yml,sha256=rlaXxMN-5k8LnKBLPafBoksyMtlmsPMHPJOjTiMiZ-M,3063
-contentctl-4.2.4.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
-contentctl-4.2.4.dist-info/METADATA,sha256=3RsDM2IVtmjpNfbLXXS8MTkQnLYEjngx6yQyJxOeJoY,19386
-contentctl-4.2.4.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-contentctl-4.2.4.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
-contentctl-4.2.4.dist-info/RECORD,,
+contentctl-4.2.5.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
+contentctl-4.2.5.dist-info/METADATA,sha256=AKuXizf44e0rPSDHXX6viX88kBtY4M8RMh01jOEucqU,19386
+contentctl-4.2.5.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+contentctl-4.2.5.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
+contentctl-4.2.5.dist-info/RECORD,,

contentctl/templates/README

@@ -1,2 +0,0 @@
-This README file was automatically created by contentctl init. 
-Please fill it with meaningful information that describes your app.