contentctl 4.3.4__py3-none-any.whl → 4.4.0__py3-none-any.whl

contentctl/objects/throttling.py

@@ -0,0 +1,46 @@
+from pydantic import BaseModel, Field, field_validator
+from typing import Annotated
+
+
+# Alert Suppression/Throttling settings have been taken from 
+# https://docs.splunk.com/Documentation/Splunk/9.2.2/Admin/Savedsearchesconf
+class Throttling(BaseModel):
+    fields: list[str] = Field(..., description="The list of fields to throttle on. These fields MUST occur in the search.", min_length=1)
+    period: Annotated[str,Field(pattern="^[0-9]+[smh]$")] =  Field(..., description="How often the alert should be triggered. "
+                                                    "This may be specified in seconds, minutes, or hours.  "
+                                                    "For example, if an alert should be triggered once a day,"
+                                                    " it may be specified in seconds (86400s), minutes (1440m), or hours import (24h).")
+    
+    @field_validator("fields")
+    def no_spaces_in_fields(cls, v:list[str])->list[str]:
+        for field in v:
+            if ' ' in field:
+                raise ValueError("Spaces are not presently supported in 'alert.suppress.fields' / throttling fields in conf files. "
+                                "The field '{field}' has a space in it. If this is a blocker, please raise this as an issue on the Project.")
+        return v
+
+    def conf_formatted_fields(self)->str:
+        '''
+        TODO:
+        The field alert.suppress.fields is defined as follows:
+        alert.suppress.fields = <comma-delimited-field-list>
+        * List of fields to use when suppressing per-result alerts. This field *must*
+        be specified if the digest mode is disabled and suppression is enabled.
+
+        In order to support fields with spaces in them, we may need to wrap each
+        field in "". 
+        This function returns a properly formatted value, where each field
+        is wrapped in "" and separated with a comma. For example, the fields 
+        ["field1", "field 2", "field3"] would be returned as the string
+
+        "field1","field 2","field3
+
+        However, for now, we will error on fields with spaces and simply
+        separate with commas
+        '''
+        
+        return ",".join(self.fields)
+
+        # The following may be used once we determine proper support
+        # for fields with spaces
+        #return ",".join([f'"{field}"' for field in self.fields])

contentctl/output/conf_output.py

@@ -152,6 +152,10 @@ class ConfOutput:
                                     'macros.j2',
                                     self.config, objects))
         
+        elif type == SecurityContentType.dashboards:
+            written_files.update(ConfWriter.writeDashboardFiles(self.config, objects))
+
+
         return written_files
             
 

contentctl/output/conf_writer.py

@@ -8,6 +8,7 @@ from xmlrpc.client import APPLICATION_ERROR
 from jinja2 import Environment, FileSystemLoader, StrictUndefined
 import pathlib
 from contentctl.objects.security_content_object import SecurityContentObject
+from contentctl.objects.dashboard import Dashboard
 from contentctl.objects.config import build
 import xml.etree.ElementTree as ET
 
@@ -34,7 +35,10 @@ class ConfWriter():
         # Failing to do so will result in an improperly formatted conf files that
         # cannot be parsed
         if isinstance(obj,str):
-            return obj.replace(f"\n"," \\\n")
+            # Remove leading and trailing characters. Conf parsers may erroneously 
+            # Parse fields if they have leading or trailing newlines/whitespace and we 
+            # probably don't want that anyway as it doesn't look good in output
+            return obj.strip().replace(f"\n"," \\\n")
         else:
             return obj
 
@@ -58,7 +62,7 @@ class ConfWriter():
         j2_env = ConfWriter.getJ2Environment()
         template = j2_env.get_template(template_name)
         
-        output = template.render(objects=objects, APP_NAME=config.app.label, currentDate=datetime.datetime.now(datetime.UTC).date().isoformat())
+        output = template.render(objects=objects, app=config.app, currentDate=datetime.datetime.now(datetime.UTC).date().isoformat())
         
         output_path = config.getPackageDirectoryPath()/app_output_path
         output_path.parent.mkdir(parents=True, exist_ok=True)
@@ -91,7 +95,7 @@ class ConfWriter():
         j2_env = ConfWriter.getJ2Environment()
         template = j2_env.get_template(template_name)
         
-        output = template.render(objects=objects, APP_NAME=config.app.label)
+        output = template.render(objects=objects, app=config.app)
         
         output_path = config.getPackageDirectoryPath()/app_output_path
         output_path.parent.mkdir(parents=True, exist_ok=True)
@@ -104,6 +108,22 @@ class ConfWriter():
 
     
 
+    @staticmethod
+    def writeDashboardFiles(config:build, dashboards:list[Dashboard])->set[pathlib.Path]:
+        written_files:set[pathlib.Path] = set()
+        for dashboard in dashboards:
+            output_file_path = dashboard.getOutputFilepathRelativeToAppRoot(config)
+            # Check that the full output path does not exist so that we are not having an
+            # name collision with a file in app_template
+            if (config.getPackageDirectoryPath()/output_file_path).exists():
+                raise FileExistsError(f"ERROR: Overwriting Dashboard File {output_file_path}. Does this file exist in {config.getAppTemplatePath()} AND {config.path/'dashboards'}?")
+                
+            ConfWriter.writeXmlFileHeader(output_file_path, config)
+            dashboard.writeDashboardFile(ConfWriter.getJ2Environment(), config)
+            ConfWriter.validateXmlFile(config.getPackageDirectoryPath()/output_file_path)
+            written_files.add(output_file_path)
+        return written_files
+
 
     @staticmethod
     def writeXmlFileHeader(app_output_path:pathlib.Path, config: build) -> None:
@@ -139,7 +159,7 @@ class ConfWriter():
         j2_env = ConfWriter.getJ2Environment()
         
         template = j2_env.get_template(template_name)
-        output = template.render(objects=objects, APP_NAME=config.app.label)
+        output = template.render(objects=objects, app=config.app)
         
         output_path.parent.mkdir(parents=True, exist_ok=True)
         with open(output_path, 'a') as f:

contentctl/output/new_content_yml_output.py

@@ -39,11 +39,8 @@ class NewContentYmlOutput():
             .replace('.','_') \
             .replace('/','_') \
             .lower()
-        if 'Splunk Behavioral Analytics' in product:
-            
-            file_name = 'ssa___' + file_name + '.yml'
-        else:
-            file_name = file_name + '.yml'
+        
+        file_name = file_name + '.yml'
         return file_name
 
 
@@ -54,8 +51,6 @@ class NewContentYmlOutput():
             .replace('.','_') \
             .replace('/','_') \
             .lower()
-        if 'Splunk Behavioral Analytics' in product:          
-            file_name = 'ssa___' + file_name + '.test.yml'
-        else:
-            file_name = file_name + '.test.yml'
+        
+        file_name = file_name + '.test.yml'
         return file_name

contentctl/output/templates/analyticstories_detections.j2

@@ -3,11 +3,11 @@
 
 {% for detection in objects %}
 {% if (detection.type == 'TTP' or detection.type == 'Anomaly' or detection.type == 'Hunting' or detection.type == 'Correlation') %}
-[savedsearch://{{APP_NAME}} - {{ detection.name }} - Rule]
+[savedsearch://{{ detection.get_conf_stanza_name(app) }}]
 type = detection
 asset_type = {{ detection.tags.asset_type.value }}
 confidence = medium
-explanation = {{ detection.description | escapeNewlines() }}
+explanation = {{ (detection.explanation if detection.explanation else detection.description) | escapeNewlines() }}
 {% if detection.how_to_implement is defined %}
 how_to_implement = {{ detection.how_to_implement | escapeNewlines() }}
 {% else %}

contentctl/output/templates/analyticstories_investigations.j2

@@ -1,13 +1,13 @@
 
 ### RESPONSE TASKS ###
 
-{% for detection in objects %}
-{% if (detection.type == 'Investigation') %}
-[savedsearch://{{APP_NAME}} - {{ detection.name }} - Response Task]
+{% for investigation in objects %}
+{% if (investigation.type == 'Investigation') %}
+[savedsearch://{{ investigation.get_response_task_name(app) }}]
 type = investigation
 explanation = none
-{% if detection.how_to_implement is defined %}
-how_to_implement = {{ detection.how_to_implement | escapeNewlines() }}
+{% if investigation.how_to_implement is defined %}
+how_to_implement = {{ investigation.how_to_implement | escapeNewlines() }}
 {% else %}
 how_to_implement = none
 {% endif %}

contentctl/output/templates/analyticstories_stories.j2

@@ -10,7 +10,7 @@ version = {{ story.version }}
 references = {{ story.getReferencesListForJson() | tojson }}
 maintainers = [{"company": "{{ story.author_company }}", "email": "{{ story.author_email }}", "name": "{{ story.author_name }}"}]
 spec_version = 3
-searches = {{ story.storyAndInvestigationNamesWithApp(APP_NAME) | tojson }}
+searches = {{ story.storyAndInvestigationNamesWithApp(app) | tojson }}
 description = {{ story.description | escapeNewlines() }}
 {% if story.narrative is defined %}
 narrative = {{ story.narrative | escapeNewlines() }}

contentctl/output/templates/savedsearches_baselines.j2

@@ -1,14 +1,13 @@
 
 
-### {{APP_NAME}} BASELINES ###
+### {{app.label}} BASELINES ###
 
 {% for detection in objects %}
 {% if (detection.type == 'Baseline') %}
-[{{APP_NAME}} - {{ detection.name }}]
+[{{ detection.get_conf_stanza_name(app) }}]
 action.escu = 0
 action.escu.enabled = 1
 action.escu.search_type = support
-action.escu.full_search_name = {{APP_NAME}} - {{ detection.name }}
 description = {{ detection.description | escapeNewlines() }}
 action.escu.creation_date = {{ detection.date }}
 action.escu.modification_date = {{ detection.date }}

contentctl/output/templates/savedsearches_detections.j2

@@ -1,8 +1,8 @@
-### {{APP_NAME}} DETECTIONS ###
+### {{app.label}} DETECTIONS ###
 
 {% for detection in objects %}
 {% if (detection.type == 'TTP' or detection.type == 'Anomaly' or detection.type == 'Hunting' or detection.type == 'Correlation') %}
-[{{APP_NAME}} - {{ detection.name }} - Rule]
+[{{ detection.get_conf_stanza_name(app) }}]
 action.escu = 0
 action.escu.enabled = 1
 {% if detection.status == "deprecated" %}
@@ -28,7 +28,6 @@ action.escu.known_false_positives = None
 action.escu.creation_date = {{ detection.date }}
 action.escu.modification_date = {{ detection.date }}
 action.escu.confidence = high
-action.escu.full_search_name = {{APP_NAME}} - {{ detection.name }} - Rule
 action.escu.search_type = detection
 {% if detection.tags.product is defined %}
 action.escu.product = {{ detection.tags.product | tojson }}
@@ -57,7 +56,7 @@ cron_schedule = {{ detection.deployment.scheduling.cron_schedule }}
 dispatch.earliest_time = {{ detection.deployment.scheduling.earliest_time }}
 dispatch.latest_time = {{ detection.deployment.scheduling.latest_time }}
 action.correlationsearch.enabled = 1
-action.correlationsearch.label = {{APP_NAME}} - {{ detection.name }} - Rule
+action.correlationsearch.label = {{ detection.get_action_dot_correlationsearch_dot_label(app) }}
 action.correlationsearch.annotations = {{ detection.annotations | tojson }}
 action.correlationsearch.metadata = {{ detection.metadata | tojson }}
 {% if detection.deployment.scheduling.schedule_window is defined %}
@@ -72,7 +71,7 @@ action.notable.param.nes_fields = {{ detection.nes_fields }}
 action.notable.param.rule_description = {{ detection.deployment.alert_action.notable.rule_description | custom_jinja2_enrichment_filter(detection) | escapeNewlines()}}
 action.notable.param.rule_title = {% if detection.type | lower == "correlation" %}RBA: {{ detection.deployment.alert_action.notable.rule_title | custom_jinja2_enrichment_filter(detection) }}{% else %}{{ detection.deployment.alert_action.notable.rule_title | custom_jinja2_enrichment_filter(detection) }}{% endif +%}
 action.notable.param.security_domain = {{ detection.tags.security_domain.value }}
-action.notable.param.severity = high
+action.notable.param.severity = {{ detection.tags.severity.value }}
 {% endif %}
 {% if detection.deployment.alert_action.email %}
 action.email.subject.alert = {{ detection.deployment.alert_action.email.subject | custom_jinja2_enrichment_filter(detection) | escapeNewlines() }}
@@ -107,8 +106,14 @@ relation = greater than
 quantity = 0
 realtime_schedule = 0
 is_visible = false
+{% if detection.tags.throttling %}
+alert.suppress = true
+alert.suppress.fields = {{ detection.tags.throttling.conf_formatted_fields() }}
+alert.suppress.period = {{ detection.tags.throttling.period }}
+{% endif %}
 search = {{ detection.search | escapeNewlines() }}
-
+action.notable.param.drilldown_searches = {{ detection.drilldowns_in_JSON | tojson | escapeNewlines() }}
 {% endif %}
+
 {% endfor %}
-### END {{ APP_NAME }} DETECTIONS ###
+### END {{ app.label }} DETECTIONS ###

contentctl/output/templates/savedsearches_investigations.j2

@@ -1,15 +1,14 @@
 
 
-### {{APP_NAME}} RESPONSE TASKS ###
+### {{app.label}} RESPONSE TASKS ###
 
 {% for detection in objects %}
 {% if (detection.type == 'Investigation') %}
 {% if detection.search is defined %}
-[{{APP_NAME}} - {{ detection.name }} - Response Task]
+[{{ detection.get_response_task_name(app) }}]
 action.escu = 0
 action.escu.enabled = 1
 action.escu.search_type = investigative
-action.escu.full_search_name = {{APP_NAME}} - {{ detection.name }} - Response Task
 description = {{ detection.description | escapeNewlines() }}
 action.escu.creation_date = {{ detection.date }}
 action.escu.modification_date = {{ detection.date }}
@@ -35,4 +34,4 @@ search = {{ detection.search | escapeNewlines() }}
 {% endfor %}
 
 
-### END {{ APP_NAME }} RESPONSE TASKS ###
+### END {{ app.label }} RESPONSE TASKS ###

contentctl/templates/detections/endpoint/anomalous_usage_of_7zip.yml

@@ -29,6 +29,15 @@ references:
 - https://attack.mitre.org/techniques/T1560/001/
 - https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/
 - https://thedfirreport.com/2021/01/31/bazar-no-ryuk/
+drilldown_searches:
+- name: View the detection results for $user$ and $dest$
+  search: '%original_detection_search% | search  user = $user$ dest = $dest$'
+  earliest_offset: $info_min_time$
+  latest_offset: $info_max_time$
+- name: View risk events for the last 7 days for $user$ and $dest$
+  search: '| from datamodel Risk.All_Risk | search normalized_risk_object IN ($user$, $dest$) starthoursago=168 endhoursago=1 | stats count min(_time) as firstTime max(_time) as lastTime values(search_name) as "Search Name" values(risk_message) as "Risk Message" values(analyticstories) as "Analytic Stories" values(annotations._all) as "Annotations" values(annotations.mitre_attack.mitre_tactic) as "ATT&CK Tactics" by normalized_risk_object | `security_content_ctime(firstTime)` | `security_content_ctime(lastTime)`'
+  earliest_offset: $info_min_time$
+  latest_offset: $info_max_time$
 tags:
   analytic_story:
   - Cobalt Strike
@@ -80,4 +89,4 @@ tests:
   attack_data:
   - data: https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1560.001/archive_utility/windows-sysmon.log
     source: XmlWinEventLog:Microsoft-Windows-Sysmon/Operational
-    sourcetype: xmlwineventlog
+    sourcetype: xmlwineventlog

{contentctl-4.3.4.dist-info → contentctl-4.4.0.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: contentctl
-Version: 4.3.4
+Version: 4.4.0
 Summary: Splunk Content Control Tool
 License: Apache 2.0
 Author: STRT
@@ -10,10 +10,11 @@ Classifier: License :: Other/Proprietary License
 Classifier: Programming Language :: Python :: 3
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
+Classifier: Programming Language :: Python :: 3.13
 Requires-Dist: Jinja2 (>=3.1.4,<4.0.0)
 Requires-Dist: PyYAML (>=6.0.2,<7.0.0)
 Requires-Dist: attackcti (>=0.4.0,<0.5.0)
-Requires-Dist: bottle (>=0.12.25,<0.13.0)
+Requires-Dist: bottle (>=0.12.25,<0.14.0)
 Requires-Dist: docker (>=7.1.0,<8.0.0)
 Requires-Dist: gitpython (>=3.1.43,<4.0.0)
 Requires-Dist: pycvesearch (>=1.2,<2.0)
@@ -22,11 +23,11 @@ Requires-Dist: pygit2 (>=1.15.1,<2.0.0)
 Requires-Dist: questionary (>=2.0.1,<3.0.0)
 Requires-Dist: requests (>=2.32.3,<2.33.0)
 Requires-Dist: semantic-version (>=2.10.0,<3.0.0)
-Requires-Dist: setuptools (>=69.5.1,<75.0.0)
+Requires-Dist: setuptools (>=69.5.1,<76.0.0)
 Requires-Dist: splunk-sdk (>=2.0.2,<3.0.0)
 Requires-Dist: tqdm (>=4.66.5,<5.0.0)
 Requires-Dist: tyro (>=0.8.3,<0.9.0)
-Requires-Dist: xmltodict (>=0.13.0,<0.14.0)
+Requires-Dist: xmltodict (>=0.13,<0.15)
 Description-Content-Type: text/markdown
 
 
@@ -165,7 +166,7 @@ This section is under active development.  It will allow you to a [MITRE Map](ht
 Choose TYPE {detection, story} to create new content for the Content Pack.  The tool will interactively ask a series of questions required for generating a basic piece of content and automatically add it to the Content Pack.
 
 ### contentctl inspect
-This section is under development.  It will enable the user to perform an appinspect of the content pack in preparation for deployment onto a Splunk Instance or via Splunk Cloud.
+This section is under development.  The inspect action performs a number of post-build validations. Primarily, it will enable the user to perform an appinspect of the content pack in preparation for deployment onto a Splunk Instance or via Splunk Cloud. It also compares detections in the new build against a prior build, confirming that any changed detections have had their versions incremented (this comparison happens at the savedsearch.conf level, which is why it must happen after the build). Please also note that new versions of contentctl may result in the generation of different savedsearches.conf files without any content changes in YML (new keys at the .conf level which will necessitate bumping of the version in the YML file).
 
 ### contentctl deploy
 The reason to build content is so that it can be deployed to your environment.  However, deploying content to multiple servers and different types of infrastructure can be tricky and time-consuming.  contentctl makes this easy by supporting a number of different deployment mechanisms. Deployment targets can be defined in [contentctl.yml](/contentctl/templates/contentctl_default.yml).

{contentctl-4.3.4.dist-info → contentctl-4.4.0.dist-info}/RECORD

@@ -1,52 +1,53 @@
 contentctl/__init__.py,sha256=IMjkMO3twhQzluVTo8Z6rE7Eg-9U79_LGKMcsWLKBkY,22
-contentctl/actions/build.py,sha256=FXMub_CAVN4kTks3RLHBm8O9qtFV2EkSSNld7FzCPd0,5035
+contentctl/actions/build.py,sha256=htuFSKjavKOSUMxcjw7y84teLI6XFkG_U7cnLn5eGnA,5173
 contentctl/actions/deploy_acs.py,sha256=mf3uk495H1EU_LNN-TiOsYCo18HMGoEBMb6ojeTr0zw,1418
 contentctl/actions/detection_testing/DetectionTestingManager.py,sha256=zg8JasDjCpSC-yhseEyUwO8qbDJIUJbhlus9Li9ZAnA,8818
-contentctl/actions/detection_testing/GitService.py,sha256=W1vnDDt8JvIL7Z1Lve3D3RS7h8qwMxrW0BMXVGuDZDM,9007
+contentctl/actions/detection_testing/GitService.py,sha256=cofi7yilcaq_5fugSbRpSmQjFRKFcB8nJmOdUfHVRzc,9045
 contentctl/actions/detection_testing/generate_detection_coverage_badge.py,sha256=N5mznaeErVak3mOBwsd0RDBFJO3bku0EZvpayCyU-uk,2259
-contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructure.py,sha256=00ymK5PyAn_FREi8Cj0HqpUt-U6XMpSHrN0QNqIrbDA,55190
-contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureContainer.py,sha256=REM3WB-DQAczeknGAKMzJhnvHgnt-u9yDG2UKGVj2vM,6854
+contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructure.py,sha256=mcdLt3tZr-xF5xaYnD0q7JQx9qrbRIzPNl6D9MeeB5k,56999
+contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureContainer.py,sha256=WCtyyMKTA17JzPIb10rV8C6vdG-cBzHtFC9T2CuYY2o,7047
 contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureServer.py,sha256=Q1ZfCYOp54O39bgTScZMInkmZiU-bGAM9Hiwr2mq5ms,370
 contentctl/actions/detection_testing/progress_bar.py,sha256=OK9oRnPlzPAswt9KZNYID-YLHxqaYPY821kIE4-rCeA,3244
 contentctl/actions/detection_testing/views/DetectionTestingView.py,sha256=nh9-gBSy-7FFBU71v4K5rwJmPzX2swFivbNfzDOpH-U,7674
 contentctl/actions/detection_testing/views/DetectionTestingViewCLI.py,sha256=v5F3heZ3ZD0ik_-a_zDYSEz6oc5VdVj3e5rSSZ-tK00,2149
 contentctl/actions/detection_testing/views/DetectionTestingViewFile.py,sha256=3mBCQy3hYuX8bNqh3al0nANlMwq9sxbQjkhwA1V5LOA,1090
-contentctl/actions/detection_testing/views/DetectionTestingViewWeb.py,sha256=6mecacXFoTJxcHiRZSnlHos5Hca1jdedEEZfiIAhaJg,4706
+contentctl/actions/detection_testing/views/DetectionTestingViewWeb.py,sha256=Q6p7UqDOYI2VjFl21_1iue76rWVsQmJUzRewtUBF1a8,4755
 contentctl/actions/doc_gen.py,sha256=YNc1VYA0ikL1hWDHYjfEOmUkfhy8PEIdvTyC4ZLxQRY,863
-contentctl/actions/initialize.py,sha256=Ifi13REBwQyUfCHma6IzjM_Z8uYEZ3Qz8kmP0WIFbJQ,1975
+contentctl/actions/initialize.py,sha256=wEO3u8vJYP8Xh2OSJ_HxfMV6mqOdkPyWbUzNGEqMTNA,3055
 contentctl/actions/initialize_old.py,sha256=0qXbW_fNDvkcnEeL6Zpte8d-hpTu1REyzHsXOCY-YB8,9333
-contentctl/actions/inspect.py,sha256=6gVVKmV5CUUYOkNNVTMPKj9bM1uXVthgGCoFKZGDeS8,12628
-contentctl/actions/new_content.py,sha256=o5ZYBQ216RN6TnW_wRxVGJybx2SsJ7ht4PAi1dw45Yg,6076
+contentctl/actions/inspect.py,sha256=dXV020g_GwwspSgiS6jQxW0JEVr_nublJBevwZ79mZo,17424
+contentctl/actions/new_content.py,sha256=Mz70StFt0bbuUYUHzQ1NINAbPqPsM4deUdlxgQ5S7-k,6481
 contentctl/actions/release_notes.py,sha256=akkFfLhsJuaPUyjsb6dLlKt9cUM-JApAjTFQMbYoXeM,13115
 contentctl/actions/reporting.py,sha256=MJEmvmoA1WnSFZEU9QM6daL_W94oOX0WXAcX1qAM2As,1583
 contentctl/actions/test.py,sha256=jv12UO_PTjZwvo4G-Dr8fE2gsuWvuvAmO2QQM4q7TL0,5917
-contentctl/actions/validate.py,sha256=2MQ8yumCKj7zD8iUuA5gfFEMcE-GPRzYqkvuOexn0JA,5633
-contentctl/api.py,sha256=FBOpRhbBCBdjORmwe_8MPQ3PRZ6T0KrrFcfKovVFkug,6343
-contentctl/contentctl.py,sha256=JXbUD5l1PziRRJxUc1UHrveM33CHryZPmc0RxudDpIs,10328
-contentctl/enrichments/attack_enrichment.py,sha256=XEcLRnXKfJeChax5gfHDGea5D5MCFjP4bWp8hRWn3d8,7871
-contentctl/enrichments/cve_enrichment.py,sha256=rRdf62sKkBzCBLCNwzAmEhxNiPV2px1VS6MzDiS-uBw,2337
+contentctl/actions/validate.py,sha256=eVxXf67b65ywe4yXYqaTXJShvqbzG9vd6jlkq-YVzy8,5538
+contentctl/api.py,sha256=O0dNE3-WkWs2zuOeAQnIicgOtBX5s2bGBhRVo3j69-8,6327
+contentctl/contentctl.py,sha256=CLYQ1kpVcUkOXPGrGyE7SwAkEtvjq2kHENWyy81gwsM,10400
+contentctl/enrichments/attack_enrichment.py,sha256=i0p5ud7EqA2SMB7Gc8JQdIonUTjAeDN-hxKBV4XV-Rg,6391
+contentctl/enrichments/cve_enrichment.py,sha256=aXpv_kCS0XP6JpC_ZEOeBPgrl38t_vkKZe9Ay35lRi4,2347
 contentctl/enrichments/splunk_app_enrichment.py,sha256=zDNHFLZTi2dJ1gdnh0sHkD6F1VtkblqFnhacFcCMBfc,3418
 contentctl/helper/link_validator.py,sha256=-XorhxfGtjLynEL1X4hcpRMiyemogf2JEnvLwhHq80c,7139
 contentctl/helper/logger.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-contentctl/helper/splunk_app.py,sha256=PZf60Z3ALQLJQ6I--cbWTCzvOMPGsjZSns1BFrZu4S4,9549
+contentctl/helper/splunk_app.py,sha256=5KoacltgQ2J1BdxqvZYhr6GCXFl2tsy8TEWNc2gXkqw,14187
 contentctl/helper/utils.py,sha256=8ICRvE7DUiNL9BK4Hw71hCLFbd3R2u86OwKeDOdaBTY,19454
-contentctl/input/director.py,sha256=kTqdN_rCzRMn4dR32hPaVyx2llhAxyhJgoGjowhsHzs,10887
-contentctl/input/new_content_questions.py,sha256=o4prlBoUhEMxqpZukquI9WKbzfFJfYhEF7a8m2q_BEE,5565
+contentctl/input/director.py,sha256=U7jrhqP7IbfaSLXGIVtKrVvGTwIrmI1roW2X1jmZZ8Q,10841
+contentctl/input/new_content_questions.py,sha256=p-rop4YpCjyg0RYKQ7Cvk9-7uaa5GDELNVeeUlxk6ks,4191
 contentctl/input/yml_reader.py,sha256=hyVUYhx4Ka8C618kP2D_E3sDUKEQGC6ty_QZQArHKd4,1489
-contentctl/objects/abstract_security_content_objects/detection_abstract.py,sha256=U3IvEQO3D5ab7YPUz8JnAnUCNtN--INOs2AP-ew5qn8,38867
-contentctl/objects/abstract_security_content_objects/security_content_object_abstract.py,sha256=vdZvybF34Zlxf6XOjw400gYbpkPUkOtlu-JiWlAof40,9877
+contentctl/objects/abstract_security_content_objects/detection_abstract.py,sha256=L9ePzkwjkN2wfAM4su-fXJusIeryK7RqKgdqT4ViZwc,45722
+contentctl/objects/abstract_security_content_objects/security_content_object_abstract.py,sha256=VUTNG6LvYf5D1L8UA5uciBBI0VfB432-6TCe2hP-_YE,10324
 contentctl/objects/alert_action.py,sha256=E9gjCn5C31h0sN7k90KNe4agRxFFSnMW_Z-Ri_3YQss,1335
 contentctl/objects/annotated_types.py,sha256=jnX02BQT4dHbd_DCIjik0PNN3kgsvb7sxAz_1Jy8TOY,259
-contentctl/objects/atomic.py,sha256=BP27gP8KHeODp6UazhVFxwDQ64wuJCARGsLfIH34h7U,8768
+contentctl/objects/atomic.py,sha256=L9QSmwmmSFFfvUykPk_nXwz9XDz-Gn6e0rrDxxRO8uY,7292
 contentctl/objects/base_test.py,sha256=qUtKQJrqCto_fwCBdiH68_tXqokhcv9ceu2fQlBxsjA,1045
-contentctl/objects/base_test_result.py,sha256=jVroyGLb9GD6Wm2QzvgIEA3SWCZqxPsHp9PzxSvpyIs,5101
-contentctl/objects/baseline.py,sha256=Lb1vJKtDdlDrzWgrdkC9oQao_TnRrOxSwOWHf4trtaU,2150
-contentctl/objects/baseline_tags.py,sha256=fVhLF-NmisavybB_idu3N0Con0Ymj8clKfRMkWzBB-k,1762
-contentctl/objects/config.py,sha256=_DRRMdtDKxjg2u-7iEbBrvKwtABxtlrmAEC8XYBQGk8,44487
-contentctl/objects/constants.py,sha256=lfCcr1DsTZvANHj4Ee1_sEV-SebHwAn41-5EvmoEX2E,3537
-contentctl/objects/correlation_search.py,sha256=ZZVoO3M594qCy_aAMhQiOPWn8FiSFbRShUCCLx6zhNc,48434
+contentctl/objects/base_test_result.py,sha256=pr-rwr80bJej8hHNhiVBvw49FZmRuPfOIChLJjY22lY,5205
+contentctl/objects/baseline.py,sha256=cnJQt1z-PQDH6mbDU-eqo-l41LSWsaKmqU0IxuJWnGk,2139
+contentctl/objects/baseline_tags.py,sha256=fyfH2KZqUhPGCwfverYw2_ZGXQIjgkT3P7hiYDPnN4Y,1599
+contentctl/objects/config.py,sha256=Y_l7A_Ku0TEtMmWBT3-Pdu_Vo1zUGvJPkqw1RoVYPLI,50328
+contentctl/objects/constants.py,sha256=scKaQlubfjkW5n2AztY5zneAgjVLXbnyK0ZBALxPUV8,5529
+contentctl/objects/correlation_search.py,sha256=_BlHgLmmY5OdrV3f301radrH1cE2Gpr1GqVTmCxWP44,46272
+contentctl/objects/dashboard.py,sha256=GKb_YqZMSP98Y97AlKffJrtVUufZzJag-zdmqRePLZ4,4114
 contentctl/objects/data_source.py,sha256=aRr6lHu-EtGmi6J2nXKD7i2ozUPtp7X-vDkQiutvD3I,1545
-contentctl/objects/deployment.py,sha256=Qc6M4yeOvxjqFKR8sfjd4CG06AbVheTOqP1mwqo4t8s,2651
+contentctl/objects/deployment.py,sha256=9iFo3iwvBVmBMlW-VhwX4ikbh2shl5cumSPOFMdqT2Q,3044
 contentctl/objects/deployment_email.py,sha256=Zu9cXZdfOP6noa_mZpiK1GrYCTgi3Mim94iLGjE674c,147
 contentctl/objects/deployment_notable.py,sha256=QhOI7HEkUuuqk0fum9SD8IpYBlbwIsJUff8s3kCKKj4,198
 contentctl/objects/deployment_phantom.py,sha256=EmRlPKpEij4vqUJgACqK_zcGBmHV8xXczkJi-FxMDio,207
@@ -54,55 +55,56 @@ contentctl/objects/deployment_rba.py,sha256=YFLSKzLU7s8Bt1cJkSBWlfCsc_2MfgiwyaDi
 contentctl/objects/deployment_scheduling.py,sha256=bQjbJHNaUGdU1VAGV8-nFOHzHutbIlt7FZpUvR1CV4Y,198
 contentctl/objects/deployment_slack.py,sha256=P6z8OLHDKcDWx7nbKWasqBc3dFRatGcpO2GtmxzVV8I,135
 contentctl/objects/detection.py,sha256=3W41cXf3ECjWuPqWrseqSLC3PAA7O5_nENWWM6MPK0Y,620
-contentctl/objects/detection_tags.py,sha256=r7nIYMMspPk68aQx5q04jQaFGO4zTYG1P1UAUrX9qtU,11023
-contentctl/objects/enums.py,sha256=37v7w8xCg5j5hxP3kod0S3HQ9BY-CqZulPiwhnTtEvs,14052
-contentctl/objects/errors.py,sha256=gnD99z4O00EBbMerUjt4368q8mohm3Zb9HByG3CP_A0,525
+contentctl/objects/detection_metadata.py,sha256=eCsru2cymc3VINjt9MpDyGw2zXa2HyVEPv-XiGAcAeQ,2236
+contentctl/objects/detection_stanza.py,sha256=842fHPfGDdddHF5UzgftYr8OlYblWhMWZxPQsTu2wKg,3066
+contentctl/objects/detection_tags.py,sha256=iozG-McM6VRYuqWHhQXvKD_iVyug2rdofuTf4jeUaG4,11208
+contentctl/objects/drilldown.py,sha256=k_U0-vXKBCKeoUKszQ_0FdYQMq9c9mJ3PsHe6rM2lAA,3914
+contentctl/objects/enums.py,sha256=wwPC9IWOMxdZrFhXM-nDEnSvMvY8nN9Md5Mt9ELiYG0,14241
+contentctl/objects/errors.py,sha256=WURmJCqhy2CZNXXCypXVtwnjSBx-VIcB6W9oFJmzoFk,5762
 contentctl/objects/event_source.py,sha256=G9P7rtcN5hcBNQx6DG37mR3QyQufx--T6kgQGNqQuKk,415
 contentctl/objects/integration_test.py,sha256=UBBx85f517MpQXOM7-iEasACEQ0-Ia7W4rDChOHZfno,1319
 contentctl/objects/integration_test_result.py,sha256=9oVWka57alIVPiCDbNgy-OmJcBicyYbrr6anL52Wgks,278
-contentctl/objects/investigation.py,sha256=MrID5n9jnoHNKyZW0UszbiPdX4uc6tQWK-1wkns2rXA,2677
-contentctl/objects/investigation_tags.py,sha256=nFpMRKBVBsW21YW_vy2G1lXaSARX-kfFyrPoCyE77Q8,1280
-contentctl/objects/lookup.py,sha256=oZwBiHfRRrv2ZXdGyWIJWSWZMpuUbsXydaDDfpenk-4,7219
-contentctl/objects/macro.py,sha256=9nE-bxkFhtaltHOUCr0luU8jCCthmglHjhKs6Q2YzLU,2684
+contentctl/objects/investigation.py,sha256=UCiKvTW3SQrjbbVAdYxmtJb_DT3-wuVgxZvT9nudvnw,3236
+contentctl/objects/investigation_tags.py,sha256=mwjIyWtQflF_sjzKOmfcXj-DkPsgwX0jSN7_weearM4,1304
+contentctl/objects/lookup.py,sha256=vy-4JVswguJGIniIwkPG_WAeo5JlCrHUTV9FOyksRII,7516
+contentctl/objects/macro.py,sha256=nEIWRVCMQiTfSD5ajg-39laf-JH85zKE9uIFnljQTyE,3293
 contentctl/objects/manual_test.py,sha256=YNquEQ0UCzZGJ0uvHBgJ3Efho-F80ZG885ABLtqB7TI,1022
 contentctl/objects/manual_test_result.py,sha256=C4AYW3jlMsxVzCPzCA5dpAcbKgCpmDO43JmptFm--Q4,155
 contentctl/objects/mitre_attack_enrichment.py,sha256=4_9hvrxCXnGfyWqoj7C-0pCfGXEBJXfhrcSfb1cmPjs,3387
 contentctl/objects/notable_action.py,sha256=ValkblBaG-60TF19y_vSnNzoNZ3eg48wIfr0qZxyKTA,1605
-contentctl/objects/notable_event.py,sha256=ITcwLzeatSGpe8267PYN-EhgqOSoWTfciCBVu8zjOXE,682
+contentctl/objects/notable_event.py,sha256=YlmI5CbTeu2hrj1yhmvu6ma4RY_6RFvIuq8aEtrn4z8,703
 contentctl/objects/observable.py,sha256=pw0Ehi_KMb7nXzw2kuw1FnCknpD8zDkCAqBTa-M_F28,1313
 contentctl/objects/playbook.py,sha256=hSYYpdMhctgpp7uwaPciFqu1yuFI4M1NHy1WBBLyvzM,2469
 contentctl/objects/playbook_tags.py,sha256=NrhTGcgoYSGEZggrfebko0GBOXN9x05IadRUUL_CVfQ,1436
-contentctl/objects/risk_analysis_action.py,sha256=Glzcq99DAqqOJ2eZYCkUI3R5hA5cZGU0ZuCSinFf2R8,4278
-contentctl/objects/risk_event.py,sha256=b5Smh3w5Hecmi7E-Ub5DvO8iOPwnVg2ux47u7oemxX4,14041
+contentctl/objects/risk_analysis_action.py,sha256=OeatdTFXa6801JZIyvfN7c0B0rTnXpdVh1PXHCmQsz0,4275
+contentctl/objects/risk_event.py,sha256=wPVQPwvA3u_2CTeZwy7xLHrIH98mWpvBunEsQLGlb-Y,14106
 contentctl/objects/risk_object.py,sha256=yY4NmEwEKaRl4sLzCRZb1n8kdpV3HzYbQVQ1ClQWYHw,904
+contentctl/objects/savedsearches_conf.py,sha256=tCyZHqAQ9azgwIyySViY2BdM4To5Cb_GeYEEHPwR4Zc,8604
 contentctl/objects/security_content_object.py,sha256=j8KNDwSMfZsSIzJucC3NuZo0SlFVpqHfDc6y3-YHjHI,234
-contentctl/objects/ssa_detection.py,sha256=ud0T6lq-5XUlmeK8Jzw_aNLe6podVcA1o7THDYvWbik,5934
-contentctl/objects/ssa_detection_tags.py,sha256=9aRwbpQHi79NIS9rofjgxDJpw7cWXqG534_kSbvHJh8,5220
-contentctl/objects/story.py,sha256=FXe11LV19xJTtCgx7DKdvV9cL0gKeryUnE3yjpnDmrU,4957
+contentctl/objects/story.py,sha256=9q8_WosIZwq5cWIUbl_0IErV4fWc9VA18YBuJeflXn0,4823
 contentctl/objects/story_tags.py,sha256=cOL8PUzdlFdLPQHc54_-9sdI8nCE1D04oKY7KriOssI,2293
 contentctl/objects/test_attack_data.py,sha256=9OgErjdPR4S-SJpQePt0uwBLPYHYPtqKDd-auhjz7Uc,430
 contentctl/objects/test_group.py,sha256=DCtm4ChGYksOwZQVHsioaweOvI37CSlTZJzKvBX-jbY,2586
 contentctl/objects/threat_object.py,sha256=S8B7RQFfLxN_g7yKPrDTuYhIy9JvQH3YwJ_T5LUZIa4,711
+contentctl/objects/throttling.py,sha256=om0pGOMStr6sTwm5uZ7rBcSHhRLpaX6TS5x-aaPGsR0,2369
 contentctl/objects/unit_test.py,sha256=eMFehpHhmZA5WYBqhWUNRF_LpxuLM9VooAxjXeNbrxY,1144
 contentctl/objects/unit_test_baseline.py,sha256=XHvOm7qLYfqrP6uC5U_pfgw_pf8-S2RojuNmbo6lXlM,227
-contentctl/objects/unit_test_old.py,sha256=IfvytHG4ZnUhsvXgdczECZbiwv6YLViYdsk9AqeDBjQ,199
 contentctl/objects/unit_test_result.py,sha256=POQfvvPpSw-jQzINBz1_IszUMJ4Wbopu8HRS1Qe6P2M,2940
-contentctl/objects/unit_test_ssa.py,sha256=RURqXb3e0CuI5nNX8PvFucxatAvMmGSUDngVbqNpoiY,653
 contentctl/output/api_json_output.py,sha256=n3OTd5z-Vkmsn7ny6QCAar_jSMNuuJfzAQa7xq_9if4,9085
 contentctl/output/attack_nav_output.py,sha256=95iKV8U9BMMgqh6cCOw1S89Ln73xmJGgJPHTYR0L7hA,2304
 contentctl/output/attack_nav_writer.py,sha256=64ILZLmNbh2XLmbopgENkeo6t-4SRRG8xZXBmtpNd4g,2219
-contentctl/output/conf_output.py,sha256=7HcHM9pJLNnan1Kq_7ozvs5iOgfzqdKbO6gwxUZJVnc,9994
-contentctl/output/conf_writer.py,sha256=2TaCAPEtU-bMa7A2m7xOxh93PMpzIdhwiHiPLUCeCB4,8281
+contentctl/output/conf_output.py,sha256=gmO180RpPPB1H1_tkNpQERkai--l0iRS7qV-kMtFir0,10136
+contentctl/output/conf_writer.py,sha256=o0lpCGKuOtFrf_7uV4Qq8nCBL69fivCkEavmxGXFuvs,9575
 contentctl/output/data_source_writer.py,sha256=ubFjm6XJ4T2d3oqfKwDFasITHeDj3HFmegqVN--5_ME,1635
 contentctl/output/detection_writer.py,sha256=AzxbssNLmsNIOaYKotew5-ONoyq1cQpKSGy3pe191B0,960
 contentctl/output/doc_md_output.py,sha256=gf7osH1uSrC6js3D_I72g4uDe9TaB3tsvtqCHi5znp0,3238
 contentctl/output/jinja_writer.py,sha256=bdiqr9FaXYxth4wZ1A52zTMAS5stHNGpezTkaS5pres,1119
 contentctl/output/json_writer.py,sha256=Z-iVLnZb8tzYATxbQtXax0dz572lVPFMNVTx-vWbnog,1007
-contentctl/output/new_content_yml_output.py,sha256=ktZ9miHluqkw8jD-pn-62bjVp1sQqqQ7B53xy18DHU8,2321
+contentctl/output/new_content_yml_output.py,sha256=KvP0FffQBPznSKqJyRQMtehf4XYEVK5jiPlUwnkekUc,2061
 contentctl/output/svg_output.py,sha256=T2p4S085MKj5VPZKvo4tWBVOmYme32J9L7kMEBm3SwQ,2751
-contentctl/output/templates/analyticstories_detections.j2,sha256=MYefoyWAq4b7dth3OlbMWNhFnH3_nnMKaOfw0lMkxT4,917
-contentctl/output/templates/analyticstories_investigations.j2,sha256=7bwt_6U3dr9hbxOUkp0a1KnRJohNgC7GE1zRg_N_awI,515
-contentctl/output/templates/analyticstories_stories.j2,sha256=w_MIadmsynoO_tCmofZj3_5TEmxeHnQEPJuhYaqqc-4,668
+contentctl/output/templates/analyticstories_detections.j2,sha256=TZHnWEPWWwMjGgPswMoT9Dcfqs2X2E1lJCVXYwqveHY,970
+contentctl/output/templates/analyticstories_investigations.j2,sha256=kqy9lR6W3avqETCM2tSZ8WWOlfiyOtFv6G5N4SZWSaQ,527
+contentctl/output/templates/analyticstories_stories.j2,sha256=4rS-oN6JHAVKF3ToMxzHqK7asytw1R4OQmZGtzdRRBI,663
 contentctl/output/templates/app.conf.j2,sha256=Y9vDwdU1yRTQZ7jBQWLFo0XAEerN_6IXrkXdS3xkcuM,737
 contentctl/output/templates/app.manifest.j2,sha256=n9TBpikEOD-HQzsad4Fmd0iH5cosRQ12SiXXYZhcO0g,1063
 contentctl/output/templates/collections.j2,sha256=rDpAcqM6hRiyCQPgfRh8KcL41Mrqsc97krQ-JPFhSBQ,181
@@ -119,13 +121,12 @@ contentctl/output/templates/doc_stories.j2,sha256=0J3dAbfSZz-Ma1-C9B6vYPKGwrxoZr
 contentctl/output/templates/doc_story_page.j2,sha256=jrf-As8GbqLarRoiDipfM9ZUVRl_bhdNsy-XaCrBaXE,874
 contentctl/output/templates/es_investigations_investigations.j2,sha256=M4beFAFrkdhOIda2uYOXOxm9eBTdtSrTg07ke8FcELs,1013
 contentctl/output/templates/es_investigations_stories.j2,sha256=3_adGXuyMR6v-k3uc6_ht13UqX1AI4HagRdokwW0tqk,388
-contentctl/output/templates/finding_report.j2,sha256=DS9ElRGeyz7UFPiTXiqbhUzOrT4eN8oetdBheQJRFck,1753
 contentctl/output/templates/header.j2,sha256=3usV7jm1q6J-QNnQrZzII9cN0XEGQjg_eVKrEQwfOG0,201
 contentctl/output/templates/macros.j2,sha256=SLcQQ5X7TZS8j-2qP06BTXqdIcnwoYqTAaBLX2Dge7Y,390
 contentctl/output/templates/panel.j2,sha256=Cw_W6p-14n6UivVfpS75KKJiJ2VpdGsSBceYsUYe9gk,221
-contentctl/output/templates/savedsearches_baselines.j2,sha256=xr05J9WJSVdwpiBoPWEejZ1hmeqInyDKyDH4kjzHP6U,1743
-contentctl/output/templates/savedsearches_detections.j2,sha256=Y-yrvikFG7zQx6bJ-AkVFdZR8P6kRE-gQHyHc1aEyvs,6376
-contentctl/output/templates/savedsearches_investigations.j2,sha256=aFIDK4NqtsZr3fb4F_tv9UQTQ2Z-n9pkP5rIocPA65Q,1259
+contentctl/output/templates/savedsearches_baselines.j2,sha256=BfpNrApucyByZHYW-Az63NO7hXBRYtlQCZcgBcLDv60,1683
+contentctl/output/templates/savedsearches_detections.j2,sha256=WEpY9C81cifCM0ZC_pubn9pNIXcnPPhQGSrmr79j1aI,6672
+contentctl/output/templates/savedsearches_investigations.j2,sha256=3jWg3OEwnexZxebpyP9_7lbZI407e5rlx1-epRs1Kpc,1170
 contentctl/output/templates/transforms.j2,sha256=-cSoie0LgJwibtW-GMhc9BQlmS6h1s1Vykm9O2M0f9Y,1456
 contentctl/output/templates/workflow_actions.j2,sha256=DFoZVnCa8dMRHjW2AdpoydBC0THgiH_W-Nx7WI4-uR4,925
 contentctl/output/yml_output.py,sha256=xtTD3f_WWy8O6Joi4S8gG9paot8JpQFRlwt17_ek5B4,2682
@@ -160,14 +161,14 @@ contentctl/templates/deployments/escu_default_configuration_hunting.yml,sha256=h
 contentctl/templates/deployments/escu_default_configuration_ttp.yml,sha256=1D-pvzaH1v3_yCZXaY6njmdvV4S2_Ak8uzzCOsnj9XY,548
 contentctl/templates/detections/application/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 contentctl/templates/detections/cloud/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-contentctl/templates/detections/endpoint/anomalous_usage_of_7zip.yml,sha256=tw5_HVqMyx6itht6v2fz6Uqoy3EoIJ_lzVlrRABrMhY,3311
+contentctl/templates/detections/endpoint/anomalous_usage_of_7zip.yml,sha256=AwAjsSuNAEux-_P4Co_Rf73IzSQF6XNhVcCzgU_bGT0,4189
 contentctl/templates/detections/network/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 contentctl/templates/detections/web/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 contentctl/templates/macros/security_content_ctime.yml,sha256=Gg1YNllHVsX_YB716H1SJLWzxXZEfuJlnsgB2fuyoHU,159
 contentctl/templates/macros/security_content_summariesonly.yml,sha256=9BYUxAl2E4Nwh8K19F3AJS8Ka7ceO6ZDBjFiO3l3LY0,162
 contentctl/templates/stories/cobalt_strike.yml,sha256=rlaXxMN-5k8LnKBLPafBoksyMtlmsPMHPJOjTiMiZ-M,3063
-contentctl-4.3.4.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
-contentctl-4.3.4.dist-info/METADATA,sha256=YgRlkSBe1UQmgQfU3wIVwH0lufqLvfhjnnhY2qBNxiU,20925
-contentctl-4.3.4.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-contentctl-4.3.4.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
-contentctl-4.3.4.dist-info/RECORD,,
+contentctl-4.4.0.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
+contentctl-4.4.0.dist-info/METADATA,sha256=t549QwVJvw3Mh33Z1UlOWrdGfWdbSqU9KWkhSdvmIiw,21536
+contentctl-4.4.0.dist-info/WHEEL,sha256=Nq82e9rUAnEjt98J6MlVmMCZb-t9cYE2Ir1kpBmnWfs,88
+contentctl-4.4.0.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
+contentctl-4.4.0.dist-info/RECORD,,

{contentctl-4.3.4.dist-info → contentctl-4.4.0.dist-info}/WHEEL

@@ -1,4 +1,4 @@
 Wheel-Version: 1.0
-Generator: poetry-core 1.9.0
+Generator: poetry-core 1.9.1
 Root-Is-Purelib: true
 Tag: py3-none-any