contentctl 4.3.2__py3-none-any.whl → 4.3.3__py3-none-any.whl

contentctl/objects/ssa_detection.py

@@ -59,6 +59,7 @@ class SSADetection(BaseModel):
     #         raise ValueError('name is longer then 67 chars: ' + v)
     #     return v
 
+    # TODO (#266): disable the use_enum_values configuration
     class Config:
         use_enum_values = True
 

contentctl/objects/story_tags.py

@@ -17,6 +17,8 @@ class StoryUseCase(str,Enum):
    INSIDER_THREAT = "Insider Threat"
    OTHER = "Other"
 
+
+# TODO (#266): disable the use_enum_values configuration
 class StoryTags(BaseModel):
    model_config = ConfigDict(extra='forbid', use_enum_values=True)
    category: List[StoryCategory] = Field(...,min_length=1)

contentctl/objects/{unit_test_attack_data.py → test_attack_data.py}

@@ -1,13 +1,12 @@
 from __future__ import annotations
 from pydantic import BaseModel, HttpUrl, FilePath, Field
-from typing import Union, Optional
 
 
-class UnitTestAttackData(BaseModel):
-    data: Union[HttpUrl, FilePath] = Field(...)
+class TestAttackData(BaseModel):
+    data: HttpUrl | FilePath = Field(...)
     # TODO - should source and sourcetype should be mapped to a list
     # of supported source and sourcetypes in a given environment?
     source: str = Field(...)
     sourcetype: str = Field(...)
-    custom_index: Optional[str] = None
-    host: Optional[str] = None
+    custom_index: str | None = None
+    host: str | None = None

contentctl/objects/test_group.py

@@ -2,14 +2,14 @@ from pydantic import BaseModel
 
 from contentctl.objects.unit_test import UnitTest
 from contentctl.objects.integration_test import IntegrationTest
-from contentctl.objects.unit_test_attack_data import UnitTestAttackData
+from contentctl.objects.test_attack_data import TestAttackData
 from contentctl.objects.base_test_result import TestResultStatus
 
 
 class TestGroup(BaseModel):
     """
     Groups of different types of tests relying on the same attack data
-    :param name: Name of the TestGroup (typically derived from a unit test as 
+    :param name: Name of the TestGroup (typically derived from a unit test as
         "{detection.name}:{test.name}")
     :param unit_test: a UnitTest
     :param integration_test: an IntegrationTest
@@ -18,7 +18,7 @@ class TestGroup(BaseModel):
     name: str
     unit_test: UnitTest
     integration_test: IntegrationTest
-    attack_data: list[UnitTestAttackData]
+    attack_data: list[TestAttackData]
 
     @classmethod
     def derive_from_unit_test(cls, unit_test: UnitTest, name_prefix: str) -> "TestGroup":

contentctl/objects/unit_test.py

@@ -1,10 +1,9 @@
 from __future__ import annotations
-from typing import Union
 
 from pydantic import Field
 
 from contentctl.objects.unit_test_baseline import UnitTestBaseline
-from contentctl.objects.unit_test_attack_data import UnitTestAttackData
+from contentctl.objects.test_attack_data import TestAttackData
 from contentctl.objects.unit_test_result import UnitTestResult
 from contentctl.objects.base_test import BaseTest, TestType
 from contentctl.objects.base_test_result import TestResultStatus
@@ -17,19 +16,13 @@ class UnitTest(BaseTest):
     # contentType: SecurityContentType = SecurityContentType.unit_tests
 
     # The test type (unit)
-    test_type: TestType = Field(TestType.UNIT)
-
-    # The condition to check if the search was successful
-    pass_condition: Union[str, None] = None
-
-    # Baselines to be run before a unit test
-    baselines: list[UnitTestBaseline] = []
+    test_type: TestType = Field(default=TestType.UNIT)
 
     # The attack data to be ingested for the unit test
-    attack_data: list[UnitTestAttackData]
+    attack_data: list[TestAttackData]
 
     # The result of the unit test
-    result: Union[None, UnitTestResult] = None
+    result: UnitTestResult | None = None
 
     def skip(self, message: str) -> None:
         """

contentctl/output/templates/savedsearches_detections.j2

@@ -59,7 +59,7 @@ dispatch.latest_time = {{ detection.deployment.scheduling.latest_time }}
 action.correlationsearch.enabled = 1
 action.correlationsearch.label = {{APP_NAME}} - {{ detection.name }} - Rule
 action.correlationsearch.annotations = {{ detection.annotations | tojson }}
-action.correlationsearch.metadata = {{ detection.getMetadata() | tojson }}
+action.correlationsearch.metadata = {{ detection.metadata | tojson }}
 {% if detection.deployment.scheduling.schedule_window is defined %}
 schedule_window = {{ detection.deployment.scheduling.schedule_window }}
 {% endif %}

{contentctl-4.3.2.dist-info → contentctl-4.3.3.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: contentctl
-Version: 4.3.2
+Version: 4.3.3
 Summary: Splunk Content Control Tool
 License: Apache 2.0
 Author: STRT
@@ -41,13 +41,13 @@ If you are already familiar with contentctl, the following common commands may b
 |-----------|---------|
 | Create a repository | `contentctl init` |
 | Validate Your Content | `contentctl validate` |
-| Validate Your Content, performing MITRE Enrichments | `contentctl validate –-enrichments`|
+| Validate Your Content, performing MITRE Enrichments | `contentctl validate --enrichments`|
 | Build Your App | `contentctl build` |
-| Test All the content in your app, pausing so that you can debug a search if it fails | `contentctl test –-post-test-behavior pause_on_failure mode:all` |
-| Test All the content in your app, pausing after every detection to allow debugging | `contentctl test –-post-test-behavior always_pause mode:all` |
-| Test 1 or more specified detections. If you are testing more than one detection, the paths are space-separated. You may also use shell-expanded regexes | `contentctl test –-post-test-behavior always_pause mode:selected --mode.files detections/endpoint/7zip_commandline_to_smb_share_path.yml detections/cloud/aws_multi_factor_authentication_disabled.yml detections/application/okta*` |
-| Diff your current branch with a target_branch and test detections that have been updated. Your current branch **must be DIFFERENT** than the target_branch | `contentctl test –-post-test-behavior always_pause mode:changes –-mode.target_branch develop` |
-| Perform Integration Testing of all content. Note that Enterprise Security MUST be listed as an app in your contentctl.yml folder, otherwise all tests will subsequently fail | `contentctl test –-enable-integration-testing --post-test-behavior never_pause mode:all` |
+| Test All the content in your app, pausing so that you can debug a search if it fails | `contentctl test --post-test-behavior pause_on_failure mode:all` |
+| Test All the content in your app, pausing after every detection to allow debugging | `contentctl test --post-test-behavior always_pause mode:all` |
+| Test 1 or more specified detections. If you are testing more than one detection, the paths are space-separated. You may also use shell-expanded regexes | `contentctl test --post-test-behavior always_pause mode:selected --mode.files detections/endpoint/7zip_commandline_to_smb_share_path.yml detections/cloud/aws_multi_factor_authentication_disabled.yml detections/application/okta*` |
+| Diff your current branch with a target_branch and test detections that have been updated. Your current branch **must be DIFFERENT** than the target_branch | `contentctl test --post-test-behavior always_pause mode:changes --mode.target_branch develop` |
+| Perform Integration Testing of all content. Note that Enterprise Security MUST be listed as an app in your contentctl.yml folder, otherwise all tests will subsequently fail | `contentctl test --enable-integration-testing --post-test-behavior never_pause mode:all` |
 
 # Introduction
 #### Security Is Hard 

{contentctl-4.3.2.dist-info → contentctl-4.3.3.dist-info}/RECORD

@@ -4,13 +4,13 @@ contentctl/actions/deploy_acs.py,sha256=mf3uk495H1EU_LNN-TiOsYCo18HMGoEBMb6ojeTr
 contentctl/actions/detection_testing/DetectionTestingManager.py,sha256=zg8JasDjCpSC-yhseEyUwO8qbDJIUJbhlus9Li9ZAnA,8818
 contentctl/actions/detection_testing/GitService.py,sha256=W1vnDDt8JvIL7Z1Lve3D3RS7h8qwMxrW0BMXVGuDZDM,9007
 contentctl/actions/detection_testing/generate_detection_coverage_badge.py,sha256=N5mznaeErVak3mOBwsd0RDBFJO3bku0EZvpayCyU-uk,2259
-contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructure.py,sha256=1PxEnhWSFgiOtIlqRD10gRShjB65i9vLiFEnwHSGf4o,55139
+contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructure.py,sha256=w_ULKp-RqE7HXMSzWZ-a4ha0_45GwAG7RLixJjv_gKQ,55718
 contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureContainer.py,sha256=REM3WB-DQAczeknGAKMzJhnvHgnt-u9yDG2UKGVj2vM,6854
 contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureServer.py,sha256=Q1ZfCYOp54O39bgTScZMInkmZiU-bGAM9Hiwr2mq5ms,370
 contentctl/actions/detection_testing/progress_bar.py,sha256=OK9oRnPlzPAswt9KZNYID-YLHxqaYPY821kIE4-rCeA,3244
-contentctl/actions/detection_testing/views/DetectionTestingView.py,sha256=4UIA3BqjGpR-N4c03en1Iu5sHaiFBzfrPsnUVPaBM7A,6725
-contentctl/actions/detection_testing/views/DetectionTestingViewCLI.py,sha256=Mos0VV2CTSHtIqMPLwtEJlMEU7LE7TXFjM6GUA1G6hM,2050
-contentctl/actions/detection_testing/views/DetectionTestingViewFile.py,sha256=OJgmQgoVnzy7p1MN9bDyKGUhFWKzQc6ejc4F87uZG1I,1123
+contentctl/actions/detection_testing/views/DetectionTestingView.py,sha256=nh9-gBSy-7FFBU71v4K5rwJmPzX2swFivbNfzDOpH-U,7674
+contentctl/actions/detection_testing/views/DetectionTestingViewCLI.py,sha256=v5F3heZ3ZD0ik_-a_zDYSEz6oc5VdVj3e5rSSZ-tK00,2149
+contentctl/actions/detection_testing/views/DetectionTestingViewFile.py,sha256=3mBCQy3hYuX8bNqh3al0nANlMwq9sxbQjkhwA1V5LOA,1090
 contentctl/actions/detection_testing/views/DetectionTestingViewWeb.py,sha256=6mecacXFoTJxcHiRZSnlHos5Hca1jdedEEZfiIAhaJg,4706
 contentctl/actions/doc_gen.py,sha256=YNc1VYA0ikL1hWDHYjfEOmUkfhy8PEIdvTyC4ZLxQRY,863
 contentctl/actions/initialize.py,sha256=Ifi13REBwQyUfCHma6IzjM_Z8uYEZ3Qz8kmP0WIFbJQ,1975
@@ -19,10 +19,10 @@ contentctl/actions/inspect.py,sha256=6gVVKmV5CUUYOkNNVTMPKj9bM1uXVthgGCoFKZGDeS8
 contentctl/actions/new_content.py,sha256=o5ZYBQ216RN6TnW_wRxVGJybx2SsJ7ht4PAi1dw45Yg,6076
 contentctl/actions/release_notes.py,sha256=akkFfLhsJuaPUyjsb6dLlKt9cUM-JApAjTFQMbYoXeM,13115
 contentctl/actions/reporting.py,sha256=MJEmvmoA1WnSFZEU9QM6daL_W94oOX0WXAcX1qAM2As,1583
-contentctl/actions/test.py,sha256=dx7f750_MrlvysxOmOdIro1bH0iVKF4K54TSwhvU2MU,5146
+contentctl/actions/test.py,sha256=jv12UO_PTjZwvo4G-Dr8fE2gsuWvuvAmO2QQM4q7TL0,5917
 contentctl/actions/validate.py,sha256=2MQ8yumCKj7zD8iUuA5gfFEMcE-GPRzYqkvuOexn0JA,5633
 contentctl/api.py,sha256=FBOpRhbBCBdjORmwe_8MPQ3PRZ6T0KrrFcfKovVFkug,6343
-contentctl/contentctl.py,sha256=SxWFMYquSYQAATrTBpvfj4j5DRedsOF2xO96ASs74wA,10505
+contentctl/contentctl.py,sha256=JXbUD5l1PziRRJxUc1UHrveM33CHryZPmc0RxudDpIs,10328
 contentctl/enrichments/attack_enrichment.py,sha256=HsfHfcrRmsHT6pILN457jmCGOCdAhOlRBGfAP8aZY78,7834
 contentctl/enrichments/cve_enrichment.py,sha256=SjiytaZktVNbfICXcZ2vZzBiQpOkug5taPtiJK-S1OE,2313
 contentctl/enrichments/splunk_app_enrichment.py,sha256=zDNHFLZTi2dJ1gdnh0sHkD6F1VtkblqFnhacFcCMBfc,3418
@@ -33,15 +33,15 @@ contentctl/helper/utils.py,sha256=8ICRvE7DUiNL9BK4Hw71hCLFbd3R2u86OwKeDOdaBTY,19
 contentctl/input/director.py,sha256=kTqdN_rCzRMn4dR32hPaVyx2llhAxyhJgoGjowhsHzs,10887
 contentctl/input/new_content_questions.py,sha256=o4prlBoUhEMxqpZukquI9WKbzfFJfYhEF7a8m2q_BEE,5565
 contentctl/input/yml_reader.py,sha256=hyVUYhx4Ka8C618kP2D_E3sDUKEQGC6ty_QZQArHKd4,1489
-contentctl/objects/abstract_security_content_objects/detection_abstract.py,sha256=V3pglFS5HYdPURIQFdNlHQfXYYr7-xLClrXiMUsb9rw,34745
-contentctl/objects/abstract_security_content_objects/security_content_object_abstract.py,sha256=7tv-WEiUUOvZkao272J9l1IvL0y12kJ6SWLsMeWv9VE,9820
+contentctl/objects/abstract_security_content_objects/detection_abstract.py,sha256=OD0QFdBDtAlPt3vUpozeS6F0fs2iTKg6ovKJc6F-Se4,38721
+contentctl/objects/abstract_security_content_objects/security_content_object_abstract.py,sha256=vdZvybF34Zlxf6XOjw400gYbpkPUkOtlu-JiWlAof40,9877
 contentctl/objects/alert_action.py,sha256=E9gjCn5C31h0sN7k90KNe4agRxFFSnMW_Z-Ri_3YQss,1335
 contentctl/objects/atomic.py,sha256=BP27gP8KHeODp6UazhVFxwDQ64wuJCARGsLfIH34h7U,8768
-contentctl/objects/base_test.py,sha256=7kAV0njoXaasA-Mt3Zxeq-NFwFF5Z9U85k5cEYW1iY8,1023
-contentctl/objects/base_test_result.py,sha256=ZEAC2IUwUrW_-zHoaS7zp-uBBKIVTS8TcMXjkMByjF4,5006
+contentctl/objects/base_test.py,sha256=qUtKQJrqCto_fwCBdiH68_tXqokhcv9ceu2fQlBxsjA,1045
+contentctl/objects/base_test_result.py,sha256=jVroyGLb9GD6Wm2QzvgIEA3SWCZqxPsHp9PzxSvpyIs,5101
 contentctl/objects/baseline.py,sha256=Lb1vJKtDdlDrzWgrdkC9oQao_TnRrOxSwOWHf4trtaU,2150
 contentctl/objects/baseline_tags.py,sha256=fVhLF-NmisavybB_idu3N0Con0Ymj8clKfRMkWzBB-k,1762
-contentctl/objects/config.py,sha256=XpCjYIoU4XTM6RL4Nt-YjMX342FJz4R-ATDXJWexHNs,43615
+contentctl/objects/config.py,sha256=8oP68b_wnPLXBMdvemmWFazaBssASW4jFZjFbTNrboY,44507
 contentctl/objects/constants.py,sha256=lfCcr1DsTZvANHj4Ee1_sEV-SebHwAn41-5EvmoEX2E,3537
 contentctl/objects/correlation_search.py,sha256=QZp1u-dwTZl9hkUOlJdHQ9h4Hp2bDHWWCKtrp3mvIUY,48310
 contentctl/objects/data_source.py,sha256=aRr6lHu-EtGmi6J2nXKD7i2ozUPtp7X-vDkQiutvD3I,1545
@@ -53,17 +53,19 @@ contentctl/objects/deployment_rba.py,sha256=YFLSKzLU7s8Bt1cJkSBWlfCsc_2MfgiwyaDi
 contentctl/objects/deployment_scheduling.py,sha256=bQjbJHNaUGdU1VAGV8-nFOHzHutbIlt7FZpUvR1CV4Y,198
 contentctl/objects/deployment_slack.py,sha256=P6z8OLHDKcDWx7nbKWasqBc3dFRatGcpO2GtmxzVV8I,135
 contentctl/objects/detection.py,sha256=3W41cXf3ECjWuPqWrseqSLC3PAA7O5_nENWWM6MPK0Y,620
-contentctl/objects/detection_tags.py,sha256=b9dav1KJMkGXDtQLn2S7jVwnjOiMz2G5_GPd1PkGI6c,10788
+contentctl/objects/detection_tags.py,sha256=esJF7Uvblynm0uJj03EV9Hkr6Jko1LobSnJK2keJXUE,10913
 contentctl/objects/enums.py,sha256=37v7w8xCg5j5hxP3kod0S3HQ9BY-CqZulPiwhnTtEvs,14052
 contentctl/objects/errors.py,sha256=gnD99z4O00EBbMerUjt4368q8mohm3Zb9HByG3CP_A0,525
 contentctl/objects/event_source.py,sha256=G9P7rtcN5hcBNQx6DG37mR3QyQufx--T6kgQGNqQuKk,415
-contentctl/objects/integration_test.py,sha256=W_VksBN_cRo7DTXdr1aLujjS9mgkEp0uvoNpmL0dVnQ,1273
-contentctl/objects/integration_test_result.py,sha256=DrIZRRlILSHGcsK_Rlm3KJLnbKPtIen8uEPFi4ZdJ8s,370
-contentctl/objects/investigation.py,sha256=JRoZxc_qi1fu_VFTRaxOc3B7zzSzCfEURsNzWPUCrtY,2620
+contentctl/objects/integration_test.py,sha256=UBBx85f517MpQXOM7-iEasACEQ0-Ia7W4rDChOHZfno,1319
+contentctl/objects/integration_test_result.py,sha256=9oVWka57alIVPiCDbNgy-OmJcBicyYbrr6anL52Wgks,278
+contentctl/objects/investigation.py,sha256=MrID5n9jnoHNKyZW0UszbiPdX4uc6tQWK-1wkns2rXA,2677
 contentctl/objects/investigation_tags.py,sha256=nFpMRKBVBsW21YW_vy2G1lXaSARX-kfFyrPoCyE77Q8,1280
 contentctl/objects/lookup.py,sha256=oZwBiHfRRrv2ZXdGyWIJWSWZMpuUbsXydaDDfpenk-4,7219
 contentctl/objects/macro.py,sha256=9nE-bxkFhtaltHOUCr0luU8jCCthmglHjhKs6Q2YzLU,2684
-contentctl/objects/mitre_attack_enrichment.py,sha256=vhoB0oHlmPs-aDcEYT19BWrylO_hiDxOo5IWP4LBlNk,3293
+contentctl/objects/manual_test.py,sha256=YNquEQ0UCzZGJ0uvHBgJ3Efho-F80ZG885ABLtqB7TI,1022
+contentctl/objects/manual_test_result.py,sha256=C4AYW3jlMsxVzCPzCA5dpAcbKgCpmDO43JmptFm--Q4,155
+contentctl/objects/mitre_attack_enrichment.py,sha256=4c5zapPm1Dpmcg_bgUAjZRY5zS3yPFKYzz5zllb-u1o,3350
 contentctl/objects/notable_action.py,sha256=ValkblBaG-60TF19y_vSnNzoNZ3eg48wIfr0qZxyKTA,1605
 contentctl/objects/notable_event.py,sha256=ITcwLzeatSGpe8267PYN-EhgqOSoWTfciCBVu8zjOXE,682
 contentctl/objects/observable.py,sha256=pw0Ehi_KMb7nXzw2kuw1FnCknpD8zDkCAqBTa-M_F28,1313
@@ -73,14 +75,14 @@ contentctl/objects/risk_analysis_action.py,sha256=Glzcq99DAqqOJ2eZYCkUI3R5hA5cZG
 contentctl/objects/risk_event.py,sha256=LnFg0BKnt7rMJvzxZoaFeInKP4w5onvJwOUxMWWDk6w,14303
 contentctl/objects/risk_object.py,sha256=yY4NmEwEKaRl4sLzCRZb1n8kdpV3HzYbQVQ1ClQWYHw,904
 contentctl/objects/security_content_object.py,sha256=j8KNDwSMfZsSIzJucC3NuZo0SlFVpqHfDc6y3-YHjHI,234
-contentctl/objects/ssa_detection.py,sha256=-G6tXfVVlZgPWS64hIIy3M-aMePANAuQvdpXPlgUyUs,5873
+contentctl/objects/ssa_detection.py,sha256=ud0T6lq-5XUlmeK8Jzw_aNLe6podVcA1o7THDYvWbik,5934
 contentctl/objects/ssa_detection_tags.py,sha256=9aRwbpQHi79NIS9rofjgxDJpw7cWXqG534_kSbvHJh8,5220
 contentctl/objects/story.py,sha256=FXe11LV19xJTtCgx7DKdvV9cL0gKeryUnE3yjpnDmrU,4957
-contentctl/objects/story_tags.py,sha256=puF-g61YA6eGZy9eLjp4l-5IblMrekcYtQX8EYFOvk0,2221
-contentctl/objects/test_group.py,sha256=Yb1sqGom6SkVL8B3czPndz8w3CK8WdwZ39V_cn0_JZQ,2600
+contentctl/objects/story_tags.py,sha256=qIVCEk3Vr-63tjq3PKapMUUUL6jNCHyp2AqGzDAE-tk,2279
+contentctl/objects/test_attack_data.py,sha256=9OgErjdPR4S-SJpQePt0uwBLPYHYPtqKDd-auhjz7Uc,430
+contentctl/objects/test_group.py,sha256=DCtm4ChGYksOwZQVHsioaweOvI37CSlTZJzKvBX-jbY,2586
 contentctl/objects/threat_object.py,sha256=S8B7RQFfLxN_g7yKPrDTuYhIy9JvQH3YwJ_T5LUZIa4,711
-contentctl/objects/unit_test.py,sha256=AQcGdi4zEMl9PqZTRnBI87_VU7ySaHrPiBHOlquoxrM,1372
-contentctl/objects/unit_test_attack_data.py,sha256=ZmHA83O8i9VZveDAliNp_XVKOuH5ytGN9l3X8v8jm4o,480
+contentctl/objects/unit_test.py,sha256=eMFehpHhmZA5WYBqhWUNRF_LpxuLM9VooAxjXeNbrxY,1144
 contentctl/objects/unit_test_baseline.py,sha256=XHvOm7qLYfqrP6uC5U_pfgw_pf8-S2RojuNmbo6lXlM,227
 contentctl/objects/unit_test_old.py,sha256=IfvytHG4ZnUhsvXgdczECZbiwv6YLViYdsk9AqeDBjQ,199
 contentctl/objects/unit_test_result.py,sha256=POQfvvPpSw-jQzINBz1_IszUMJ4Wbopu8HRS1Qe6P2M,2940
@@ -121,7 +123,7 @@ contentctl/output/templates/header.j2,sha256=3usV7jm1q6J-QNnQrZzII9cN0XEGQjg_eVK
 contentctl/output/templates/macros.j2,sha256=SLcQQ5X7TZS8j-2qP06BTXqdIcnwoYqTAaBLX2Dge7Y,390
 contentctl/output/templates/panel.j2,sha256=Cw_W6p-14n6UivVfpS75KKJiJ2VpdGsSBceYsUYe9gk,221
 contentctl/output/templates/savedsearches_baselines.j2,sha256=xr05J9WJSVdwpiBoPWEejZ1hmeqInyDKyDH4kjzHP6U,1743
-contentctl/output/templates/savedsearches_detections.j2,sha256=ZEY2oxn1NXrx28OR46azAs9coX_PhK7UGfyiLZh8g2c,6381
+contentctl/output/templates/savedsearches_detections.j2,sha256=Y-yrvikFG7zQx6bJ-AkVFdZR8P6kRE-gQHyHc1aEyvs,6376
 contentctl/output/templates/savedsearches_investigations.j2,sha256=aFIDK4NqtsZr3fb4F_tv9UQTQ2Z-n9pkP5rIocPA65Q,1259
 contentctl/output/templates/transforms.j2,sha256=-cSoie0LgJwibtW-GMhc9BQlmS6h1s1Vykm9O2M0f9Y,1456
 contentctl/output/templates/workflow_actions.j2,sha256=DFoZVnCa8dMRHjW2AdpoydBC0THgiH_W-Nx7WI4-uR4,925
@@ -163,8 +165,8 @@ contentctl/templates/detections/web/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRk
 contentctl/templates/macros/security_content_ctime.yml,sha256=Gg1YNllHVsX_YB716H1SJLWzxXZEfuJlnsgB2fuyoHU,159
 contentctl/templates/macros/security_content_summariesonly.yml,sha256=9BYUxAl2E4Nwh8K19F3AJS8Ka7ceO6ZDBjFiO3l3LY0,162
 contentctl/templates/stories/cobalt_strike.yml,sha256=rlaXxMN-5k8LnKBLPafBoksyMtlmsPMHPJOjTiMiZ-M,3063
-contentctl-4.3.2.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
-contentctl-4.3.2.dist-info/METADATA,sha256=AkxYjJ2zP-wRhoyOVMq5cGNJDmA8QFRkRy6FQaIKCbY,20939
-contentctl-4.3.2.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-contentctl-4.3.2.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
-contentctl-4.3.2.dist-info/RECORD,,
+contentctl-4.3.3.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
+contentctl-4.3.3.dist-info/METADATA,sha256=utrc_z9xKTEuH2CQrudSeb6J4BQZloMvVxkb6y17pvA,20925
+contentctl-4.3.3.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+contentctl-4.3.3.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
+contentctl-4.3.3.dist-info/RECORD,,