contentctl 5.0.0a2__py3-none-any.whl → 5.0.0a3__py3-none-any.whl

contentctl-5.0.0a3.dist-info/RECORD

@@ -0,0 +1,168 @@
+contentctl/__init__.py,sha256=kUR5RAFc7HCeiqdlX36dZOHkUI5wI6V_43RpEcD8b-0,22
+contentctl/actions/build.py,sha256=M68XubxTqI-LiW8P4eaNmb62pWNQtVE8cF3xKb6g44c,5669
+contentctl/actions/deploy_acs.py,sha256=w3OqO8GXzB_5zHrE8lDYbadAy4Etw7F2o84Gze74RY0,3264
+contentctl/actions/detection_testing/DetectionTestingManager.py,sha256=TWZpmDjMqWRWyzsLyiYol_jAovAr6ok9J_GzE9-kNN0,9079
+contentctl/actions/detection_testing/GitService.py,sha256=a6y7lqCgSL1KdSVEgJDxawea8ZgEkGNfOKEf9v_BgLo,11135
+contentctl/actions/detection_testing/generate_detection_coverage_badge.py,sha256=bGUVKjKv96lTw1GZ4Kw1JX-Yicu4aOJWm-IL524e9HI,2302
+contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructure.py,sha256=52Xsbyq4M913kXuQ8JcjYfP2BvwRJo3chK1p2hK76o0,57281
+contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureContainer.py,sha256=qYWgRW7uc-15jzwv5xSUF2xyLDmtyGyMfuXkQK9j-aM,7221
+contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureServer.py,sha256=Q1ZfCYOp54O39bgTScZMInkmZiU-bGAM9Hiwr2mq5ms,370
+contentctl/actions/detection_testing/progress_bar.py,sha256=UrpNCqxTmQ4hfoRZgxPJ1xvDVwMrTq0UnotdryHN0gM,3232
+contentctl/actions/detection_testing/views/DetectionTestingView.py,sha256=E07v2VK-pyLMeTA6EtNI_04kt-T90SwSM4kN9yfp-2I,7475
+contentctl/actions/detection_testing/views/DetectionTestingViewCLI.py,sha256=-4yhxGJsafcRRAIebFZebUG_qSkASDLHajN9piAPlvM,2104
+contentctl/actions/detection_testing/views/DetectionTestingViewFile.py,sha256=G-6YqBtj0R1A9eiPrgHP2yvUMm7H8wopTBYjxIEIl8g,1090
+contentctl/actions/detection_testing/views/DetectionTestingViewWeb.py,sha256=CXV1fByf3J-Jc4D9U6jgWSaUhNzjcMpvEgRMuusF2vU,4740
+contentctl/actions/doc_gen.py,sha256=P2-RYsJoW-QuhAkSpOQespDLJBC-4Cq3-XGTmadK8Ys,936
+contentctl/actions/initialize.py,sha256=KaWSbrTaJA4vNSpKc_rwdlaaERnWw_hPlWwsPOA6Gy8,3191
+contentctl/actions/inspect.py,sha256=rXnrhDt59-n0Jqh_UZ0tDzpKqiOvkGzlvSypXoarKjU,18322
+contentctl/actions/new_content.py,sha256=bd8BEx0PfTVZRY3Z7QxBr0p87UdFDUvPuFrYQzQRJR0,8368
+contentctl/actions/release_notes.py,sha256=_Rdljg0tPSAFlw34LJ7dUsHLiH8tJTQ6B95X6MvxURo,17023
+contentctl/actions/reporting.py,sha256=GF32i7sHdc47bw-VWSW-nZ1QBaUl6Ni1JjV5_SOyiAU,1660
+contentctl/actions/test.py,sha256=GTtvHi1yB5yDm1jPMyuc4WxczOq-O7f2N8LpTmMaWgU,6014
+contentctl/actions/validate.py,sha256=thnxanLj6mfw5g17C1FrzWlkpyIT_AjnDxv_wyNdspA,5837
+contentctl/api.py,sha256=6s17vNOW1E1EzQqOCXAa5uWuhwwShu-JkGSgrsOFEMs,6329
+contentctl/contentctl.py,sha256=bO7jKOn9oSDQ4YncN9msu1cwyEXGdDTLcCHh8X9dzzY,11185
+contentctl/enrichments/attack_enrichment.py,sha256=68C9xQ8Q3YX-luRdK2hLnwWtRFpheFA2kE4v5GOLGEo,6358
+contentctl/enrichments/cve_enrichment.py,sha256=TsZ52ef2njt19lPf_VyclY_-5Z5iQ1boVOAxFbjGdSQ,2431
+contentctl/enrichments/splunk_app_enrichment.py,sha256=Xynxjjkqlw0_RtQ1thGSFwy1I3HdmPAJmNKZezyqniU,3419
+contentctl/helper/link_validator.py,sha256=kzEi2GdncPWSi-UKNerXm2jtTJfFQ5goS9pqyAz5U5c,7427
+contentctl/helper/logger.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+contentctl/helper/splunk_app.py,sha256=Zq_C9rjNVqCjBNgm-5CWdBpXyeX5jSpbE-QTGptEZlk,14571
+contentctl/helper/utils.py,sha256=rigwZzCwWzn11sKTVWDkYEtLmRSf0yBbJ671OSRQnOM,19094
+contentctl/input/director.py,sha256=asK4yUlSVdv0QDUzCrTEXQUm0j9hbzVu55o_-wD-eWc,11560
+contentctl/input/new_content_questions.py,sha256=z2C4Mg7-EyxtiF2z9m4SnSbi6QO4CUPB3wg__JeMXIQ,4067
+contentctl/input/yml_reader.py,sha256=ymmAqsWsf9Oj56waDOhCh_E4SomkSCmu4dAx7iURFt8,2050
+contentctl/objects/abstract_security_content_objects/detection_abstract.py,sha256=mtVO2cilGiLq1wpE9oF9KGiUGi0FpAFypvZREe0zsJ4,44013
+contentctl/objects/abstract_security_content_objects/security_content_object_abstract.py,sha256=N7tgricbUg-kp50J0y-3kB062u4b_RXIHgOs2bmfcJY,10458
+contentctl/objects/alert_action.py,sha256=iEvdEOT4TrTXT0z4rQ_W5v79hPJpPhFPSzo7TuHDxwA,1376
+contentctl/objects/annotated_types.py,sha256=eAMm1Nm3_C5pwfCxhzL5ynDRsC_eK614bFuwUFxPVLw,261
+contentctl/objects/atomic.py,sha256=5nl-JhZnymadi8B8ZEJ8l80DnpvjG-OlRxUjVKR6ffY,7341
+contentctl/objects/base_test.py,sha256=JG6qlr7xe9P71n3CzKOro8_bsmDQGYDfTG9YooHQSIE,1105
+contentctl/objects/base_test_result.py,sha256=TYYzTPKWqp9rHTebWoid50uxAp_iALZouril4sFwIcA,5197
+contentctl/objects/baseline.py,sha256=c8MxIRoO-ItODDCckYujRzcYlZhx_CGm6eILbyfBJ7s,3070
+contentctl/objects/baseline_tags.py,sha256=Eomy8y3HV-E6Lym5B5ZZTtsmQJYi6Jd4y8GZpTWGYgQ,1643
+contentctl/objects/config.py,sha256=5nK3EkUea-6qUvSzqAxl5UyoLRlldKsh9K8glaBup3I,48603
+contentctl/objects/constants.py,sha256=x8JCo7TBXO8qDMfqn-Px7D0nZM9UvJJ4-IysmkyeRj0,4782
+contentctl/objects/correlation_search.py,sha256=ab6v-0nbzujhTMpwaXynQiInWpRO1zB5KR4eZLCav_M,45234
+contentctl/objects/dashboard.py,sha256=qMSP76hkJo7PVsWr19hQW4eYoUqGTcRejaOEjlcA_DY,4198
+contentctl/objects/data_source.py,sha256=4u4JaA-Q5xa0gS61yarJuowgy4TrAYE98O2G8o9CQzA,1454
+contentctl/objects/deployment.py,sha256=FRsgsX2T1gvA_0A44_sFPr22rsedxXVIhtO7o9F7eZM,2902
+contentctl/objects/deployment_email.py,sha256=_Sdr_BNjvXECiFonRHLkiOrIQp3slnUaERbptqRbD0Q,206
+contentctl/objects/deployment_notable.py,sha256=j5AniTRDcw32El5H91qKOXDVZvUYxnIuM4Zzlhrm9cM,258
+contentctl/objects/deployment_phantom.py,sha256=Qs9UH3pYe2M3evLLgn5FblTe28QH1QojVaBGM_Ydvjw,261
+contentctl/objects/deployment_rba.py,sha256=n_v79NhcLYHyABceKsI_iEziWhp3uNrqxIUrC8tdjD4,184
+contentctl/objects/deployment_scheduling.py,sha256=PbyAeIEV6ShHuwfzF4LtGrv6tNt1cwNdl-VDQLj0rE8,257
+contentctl/objects/deployment_slack.py,sha256=pC8-BB4qOD5fUqUi7Oj2Tre7-kKVqW2xEvCF7tZENQ4,194
+contentctl/objects/detection.py,sha256=GKjjhnwyFxm7139dOlPJ4c3vIW0675-NLCPWxEB5m-c,631
+contentctl/objects/detection_metadata.py,sha256=JMz8rtcn5HfeEoaAx34kw2wXa35qsRIap_mXoY0Vbss,2237
+contentctl/objects/detection_stanza.py,sha256=-BRQNib5NNhY7Z2fILS5xkpjNkGSLF7qBciTmgOgLV8,3112
+contentctl/objects/detection_tags.py,sha256=kOb-hb83k71m3YkfJ5l-fw3sODMgmekuES7WlT5suAQ,8573
+contentctl/objects/drilldown.py,sha256=Vinw6UYlOl0YzoRA_0oBCfHA5Gvgu5p-rEsfBIgMCdI,4186
+contentctl/objects/enums.py,sha256=HdaSQgEQ_T38BIlVYk1xdqMm05YyhQb0720nzBorXQw,13554
+contentctl/objects/errors.py,sha256=xX_FDUaJbJiOWgjgrzjtYW5QsD41UZ2KWqH-yGkHaCU,5554
+contentctl/objects/integration_test.py,sha256=TYjKyH4YinUnYXOse5BQGCa4-ez_5mtoMwvh1JJcb0o,1254
+contentctl/objects/integration_test_result.py,sha256=_uUSgqgjFhEZM8UwOJI6Q9K-ekIrbKU6OPdqHZycl-s,279
+contentctl/objects/investigation.py,sha256=mFH83p2UKW_1mu9kxJY0EzPPBsA6dWReaUmfrofG4ek,3436
+contentctl/objects/investigation_tags.py,sha256=qDGNusrWDvCX_GcBEzag2MydSV0LIhGxoXZGgxDXfHA,1317
+contentctl/objects/lookup.py,sha256=mzOPhMDyoNZKLAj8zf6Wg6i9FJKMu3qHWinATtH75I8,13015
+contentctl/objects/macro.py,sha256=usbxyOPIRIJoDmvawfP2DxtFNf71GaDwffxiZsRkP5A,3594
+contentctl/objects/manual_test.py,sha256=cx_XAtQ8VG8Ui_F553Xnut75vFEOtRwm1dDIIWNpOaM,952
+contentctl/objects/manual_test_result.py,sha256=FyCVVf-f1DKs-qBkM4tbKfY6mkrW25NcIEBqyaDC2rE,156
+contentctl/objects/mitre_attack_enrichment.py,sha256=Qzm-P-gx_j-qOe6CKaUCv7AmcNy9EFwnMkw0oYsMfAY,3314
+contentctl/objects/notable_action.py,sha256=sW5XlpGznMHqyBmGXtXrl22hWLiCoKkfGCasGtK3rGo,1607
+contentctl/objects/notable_event.py,sha256=2aOtmfnsdInTtN_fHAGIKmBTBritjHbS_Nc-pqL-GbY,689
+contentctl/objects/playbook.py,sha256=mgYbWsD3OW86u11MbIFKvmyFueSoMJ1WBJm_rNrFvAo,2425
+contentctl/objects/playbook_tags.py,sha256=O5obkQyb82YdJEii8ZJEQtrHtLOSnAvAkT1qIgpCK2s,1547
+contentctl/objects/rba.py,sha256=N1i_ggXjYmHluvYZRq6OJddlbokDnS1mkUsmehmFWOg,2880
+contentctl/objects/risk_analysis_action.py,sha256=v-TQktXEEzbGzmTtqwEykXoSKdGnIlK_JojnqvvAE1s,4370
+contentctl/objects/risk_event.py,sha256=JQUmXriiwi5FetqVnhM0hf5cUp6LzLSNPuoecC2JKK0,12593
+contentctl/objects/risk_object.py,sha256=5iUKW_UwQLjjLWiD_vlE78uwH9bkaMNCHRNmKM25W1Q,905
+contentctl/objects/savedsearches_conf.py,sha256=Dn_Pxd9i3RT6DwNh6JrgmfxjsO3q15xzMksYr3wIGwQ,8624
+contentctl/objects/security_content_object.py,sha256=iDnhq81P7m6Qkmc_Yi-wOyFm9gZUYnPy1GJxxyCtonA,245
+contentctl/objects/story.py,sha256=PQGDjtOkd4ROEYu1g7w631PRDWI3naLwXf-knyKqnGs,4908
+contentctl/objects/story_tags.py,sha256=SLwgkckLxBdtgJro0LnYgj5TFHZEgMiaqDI9q6OfNE0,2364
+contentctl/objects/test_attack_data.py,sha256=7p-kOJguTZtG9y5th5U3qfPFvpiAWLST_OBw8dwWl_4,488
+contentctl/objects/test_group.py,sha256=r-dXyddok4yslv8SIjwOpqylbN1rdjsRi-HIijvpWD0,2602
+contentctl/objects/threat_object.py,sha256=CB3igcmiq06lqnEh7h-btxFrBfgZbHaA9p8kFDKY6lQ,712
+contentctl/objects/throttling.py,sha256=oupWmdtvwAXzLmD3MBJyAU18SD2L2ciEZWUcnL8MuGk,2309
+contentctl/objects/unit_test.py,sha256=-rtSmZ8N2UZ4NkDsfzNXzXiF6dTDwt_jsQ_14xp0hjs,1005
+contentctl/objects/unit_test_baseline.py,sha256=ezg8Ctih_3che2ln2tuVCAtRPHaf5tDMR3dGb34MqaA,287
+contentctl/objects/unit_test_result.py,sha256=gqHqYN5XGBKdV-mdKhAdwfOw4_PpN3i9z_b6ciByDSc,2928
+contentctl/output/api_json_output.py,sha256=QWe_KWlHHxE4Mhd3BHRfJbUJ4z2mLHZn_eMWfMVInik,8237
+contentctl/output/attack_nav_output.py,sha256=2_JISJ3sL4dVAwrIfZ7c426CGz5gjUBVkWh0uFO2MXU,2276
+contentctl/output/attack_nav_writer.py,sha256=FEua57vv347PjFiu1skOEGAbxIqPWMN8Iyp8nDrIvAA,2044
+contentctl/output/conf_output.py,sha256=2_ofRqMro4xmFzf6ZmPRDd93pCG-LQhOiB_kE4owADc,10609
+contentctl/output/conf_writer.py,sha256=9eqt2tm1xjs397pwWLz5oPJcMHbs62ejRG7KghGQQCI,15137
+contentctl/output/data_source_writer.py,sha256=hjr0b5zfJ2UHcDLbCkmTrqma1ngu8F5vWFPJEwOZwU8,1860
+contentctl/output/doc_md_output.py,sha256=wlgbzBD2hUbQNIW2zv5sdrq2UdAKhOZJUYSObnpWQfY,3552
+contentctl/output/jinja_writer.py,sha256=5PbFrc8KuLWrlNIHDvMTyvJ18u_mtjd5Led6-9sn2Eo,1204
+contentctl/output/json_writer.py,sha256=waw73wOmalSrUFcr2K1CWR-xz5oW8il10zDAn56mtMg,1041
+contentctl/output/svg_output.py,sha256=5s9fjmKullMV6cCCGwP7_xvQwg9EZLOKRKMw_IyO6hY,2988
+contentctl/output/templates/analyticstories_detections.j2,sha256=_xM5MMC_O5aLTBI04afgrCnYVfojmbb3J1JVq2AkaT8,964
+contentctl/output/templates/analyticstories_investigations.j2,sha256=kqy9lR6W3avqETCM2tSZ8WWOlfiyOtFv6G5N4SZWSaQ,527
+contentctl/output/templates/analyticstories_stories.j2,sha256=4rS-oN6JHAVKF3ToMxzHqK7asytw1R4OQmZGtzdRRBI,663
+contentctl/output/templates/app.conf.j2,sha256=UL80Px4IUGPD-DgcAiUrS4emHBIY7DxleSNyNXCH5tQ,623
+contentctl/output/templates/app.manifest.j2,sha256=Q1803mcfgNvUs8s4e1zD1J3_mxfPYVtLkD8fhCO6d-I,1103
+contentctl/output/templates/collections.j2,sha256=w2hkY7Yfm7AmY1O_7DP-znLS_whgKX79VbnW7QlvrNU,151
+contentctl/output/templates/content-version.j2,sha256=2-it0TF5BvqUcmUXVFB4DEh0I01igQGDxZNJpdtDFIA,54
+contentctl/output/templates/detection_count.j2,sha256=9U3o-P_ECkMknsooj_L3B9GZqjnsbaEzr59s3-DOK0I,670
+contentctl/output/templates/detection_coverage.j2,sha256=guE4fow9BqGoCCrQ3b6-EZqWJcThb58V9khuIH7nhT0,631
+contentctl/output/templates/doc_detection_page.j2,sha256=kATedDq0Z8tzxKiD3nD0_-7YiOrjssUMYSDenRYTh6A,1012
+contentctl/output/templates/doc_detections.j2,sha256=tjTQh6R5zMMmBm9hk-8dFG5p0PyhWSGkrYeRxe9gfPU,6500
+contentctl/output/templates/doc_navigation.j2,sha256=h25ITC3xcAM17uZGIyyDFURmEdYtQSPvNeWN3RH7j4Q,1471
+contentctl/output/templates/doc_navigation_pages.j2,sha256=ptfjbD4F0Ob7dze9at2q5gqOslcbL3eteUO1zsblDJo,203
+contentctl/output/templates/doc_playbooks.j2,sha256=CWsnm8F097oYT8anW3CE7JaX1haAJTfylThP1ic0UIw,1681
+contentctl/output/templates/doc_playbooks_page.j2,sha256=2d5UNDSOxyMtxKGxGHzJ2Ny_UrqTq267NO1h-lmNduc,679
+contentctl/output/templates/doc_stories.j2,sha256=0J3dAbfSZz-Ma1-C9B6vYPKGwrxoZryYoudy3wUIT4s,1827
+contentctl/output/templates/doc_story_page.j2,sha256=jrf-As8GbqLarRoiDipfM9ZUVRl_bhdNsy-XaCrBaXE,874
+contentctl/output/templates/es_investigations_investigations.j2,sha256=M4beFAFrkdhOIda2uYOXOxm9eBTdtSrTg07ke8FcELs,1013
+contentctl/output/templates/es_investigations_stories.j2,sha256=3_adGXuyMR6v-k3uc6_ht13UqX1AI4HagRdokwW0tqk,388
+contentctl/output/templates/header.j2,sha256=3usV7jm1q6J-QNnQrZzII9cN0XEGQjg_eVKrEQwfOG0,201
+contentctl/output/templates/macros.j2,sha256=SLcQQ5X7TZS8j-2qP06BTXqdIcnwoYqTAaBLX2Dge7Y,390
+contentctl/output/templates/panel.j2,sha256=Cw_W6p-14n6UivVfpS75KKJiJ2VpdGsSBceYsUYe9gk,221
+contentctl/output/templates/savedsearches_baselines.j2,sha256=BfpNrApucyByZHYW-Az63NO7hXBRYtlQCZcgBcLDv60,1683
+contentctl/output/templates/savedsearches_detections.j2,sha256=FzOCszfJjAWTE4Z40JMK6umOPxz5NjcRt3-agwmvFn0,6830
+contentctl/output/templates/savedsearches_investigations.j2,sha256=3jWg3OEwnexZxebpyP9_7lbZI407e5rlx1-epRs1Kpc,1170
+contentctl/output/templates/server.conf.j2,sha256=sPZUkiuJNGm9R8rpjfRKyuAvmmQb0C4w9Q6hpmvmPeU,127
+contentctl/output/templates/transforms.j2,sha256=X38npfkFDKaXHZpU0t0ZUglva7iHyeMXB_8Kc3Ssoy4,1468
+contentctl/output/templates/workflow_actions.j2,sha256=DFoZVnCa8dMRHjW2AdpoydBC0THgiH_W-Nx7WI4-uR4,925
+contentctl/output/yml_writer.py,sha256=gGgbamHWunHKjj47TcqB04k0xliX6w3H7iajZtUZRSU,2124
+contentctl/templates/README.md,sha256=GoRmywUqwnjaehY_GLmGqxsFXCLP9plpDYwB6W6nVPs,428
+contentctl/templates/app_default.yml,sha256=kDeYdJbfMADQPcho8iH1nqgTFrHNt4EXnIJjPHc2unI,6390
+contentctl/templates/app_template/README/essoc_story_detail.txt,sha256=7hFPBfPpRH28TFl7QchKceZLewQqgFjRWDlmxZzwpmo,897
+contentctl/templates/app_template/README/essoc_summary.txt,sha256=u6wYNYBqmmm7Kn_g_Uex8rRzMQ995MUXCavla95Y1dw,2538
+contentctl/templates/app_template/README/essoc_usage_dashboard.txt,sha256=xYUKKVtdgzPyT3mqdTccaBZuwWnC63lbc9zyYpmHN4o,2432
+contentctl/templates/app_template/README.md,sha256=RT-J9bgRSFsEFgNr9qV6yc2LkfUH_uiMJ2RV4NM9Ymo,366
+contentctl/templates/app_template/default/analytic_stories.conf,sha256=zWuCOOl8SiP7Kit2s-de4KRu3HySLtBSXcp1QnJx0ec,168
+contentctl/templates/app_template/default/commands.conf,sha256=U2ccwUeGXKKKt5jo14QY5swi-p9_TSJtaNquOkeF3Yk,319
+contentctl/templates/app_template/default/data/ui/nav/default.xml,sha256=fKN53HZCtNJbQqq_5pP8e5-5m30DRrJittr6q5s6V_0,236
+contentctl/templates/app_template/default/data/ui/views/escu_summary.xml,sha256=jQhkIthPgEEptCJ2wUCj2lWGHBvUl6JGsKkDfONloxI,8635
+contentctl/templates/app_template/default/data/ui/views/feedback.xml,sha256=uM71EMK2uFz8h68nOTNKGnYxob3HhE_caSL6yA-3H-k,696
+contentctl/templates/app_template/default/use_case_library.conf,sha256=zWuCOOl8SiP7Kit2s-de4KRu3HySLtBSXcp1QnJx0ec,168
+contentctl/templates/app_template/lookups/mitre_enrichment.csv,sha256=tifPQjFoQHtvpb78hxSP2fKHnHeehNbZDwUjdvc0aEM,66072
+contentctl/templates/app_template/metadata/default.meta,sha256=h66ea1l3qMzDRgDUAXsJvGKeJnp5w-s2unYMZ9dJLzM,433
+contentctl/templates/app_template/static/appIcon.png,sha256=jcJ1PNdkBX7Kl_y9Tf0SZ55OJYA2PpwjvkVvBt9_OoE,3658
+contentctl/templates/app_template/static/appIconAlt.png,sha256=uRXjoHQQjs0-BxcK-3KNBEdck1adDNTHMvV14xR4W0g,2656
+contentctl/templates/app_template/static/appIconAlt_2x.png,sha256=I0m-CPRqq7ak9NJQZGGmz6Ac4pmzFV_SonOUxOEDOFs,7442
+contentctl/templates/app_template/static/appIcon_2x.png,sha256=XEpqQzDvzuEV5StzD05XRgxwySqHHLes1hMPy2v5Vdk,3657
+contentctl/templates/data_sources/sysmon_eventid_1.yml,sha256=7PIcLr1e9Ql-wu_Dk9D4JAZs1OWDby-tY77nDDUZ1CQ,6079
+contentctl/templates/datamodels_cim.conf,sha256=RB_SCtpQG_KaC_0lKTCKexVOlEq_ShGwpGlg95aqOfs,9381
+contentctl/templates/datamodels_custom.conf,sha256=6BANthXdqg3fYpYmEqiGZnv4cWheNfXz1uQ_I1JePXc,480
+contentctl/templates/deployments/escu_default_configuration_anomaly.yml,sha256=j_H2wovWBj1EKxVwj3mMoJVQnVm-2Imt7xnB9U1Tun4,418
+contentctl/templates/deployments/escu_default_configuration_baseline.yml,sha256=NzUvaotkk7hatx9EBjROFIwsvSOZXgfAJUvGS8JrUMg,334
+contentctl/templates/deployments/escu_default_configuration_correlation.yml,sha256=iWLqvJnUKVhpKaLBc_w_W65d9HVZgOZfGA-RIpxsH6M,519
+contentctl/templates/deployments/escu_default_configuration_hunting.yml,sha256=hHmM8u7zncpb-32Qv74UoNs0HKwZwCMoKAq2ygDJZbo,329
+contentctl/templates/deployments/escu_default_configuration_ttp.yml,sha256=1D-pvzaH1v3_yCZXaY6njmdvV4S2_Ak8uzzCOsnj9XY,548
+contentctl/templates/detections/application/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+contentctl/templates/detections/cloud/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+contentctl/templates/detections/endpoint/anomalous_usage_of_7zip.yml,sha256=VQ8mxkOOm7RfnBomtOXF9XGE8fV-j5j-4pFtpocQ17Y,3875
+contentctl/templates/detections/network/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+contentctl/templates/detections/web/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+contentctl/templates/macros/security_content_ctime.yml,sha256=Gg1YNllHVsX_YB716H1SJLWzxXZEfuJlnsgB2fuyoHU,159
+contentctl/templates/macros/security_content_summariesonly.yml,sha256=9BYUxAl2E4Nwh8K19F3AJS8Ka7ceO6ZDBjFiO3l3LY0,162
+contentctl/templates/stories/cobalt_strike.yml,sha256=rlaXxMN-5k8LnKBLPafBoksyMtlmsPMHPJOjTiMiZ-M,3063
+contentctl-5.0.0a3.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
+contentctl-5.0.0a3.dist-info/METADATA,sha256=qoffZP-QlvTkV1yd5N_nghB-l2SGwZPeh1le57wGBOk,21541
+contentctl-5.0.0a3.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
+contentctl-5.0.0a3.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
+contentctl-5.0.0a3.dist-info/RECORD,,

contentctl/actions/initialize_old.py

@@ -1,245 +0,0 @@
-'''
-Initializes a Splunk Content Project
-'''
-
-from pathlib import Path
-import yaml
-import sys
-import questionary
-import os
-from contentctl.objects.enums import LogLevel
-
-import abc
-from pydantic import BaseModel, Field
-
-from contentctl.objects.config import Config
-
-DEFAULT_FOLDERS = ['detections', 'stories', 'lookups', 'macros', 'baselines', 'dist']
-
-
-def create_folders(path):
-
-    for folder in DEFAULT_FOLDERS:
-        folder_path = path + "/" + folder
-        if not os.path.exists(folder_path):
-            os.makedirs(folder_path)
-
-
-
-def NewContentPack(args, default_config):
-    """
-    new function creates a new configuration file based on the user input on the terminal.
-    :param config: python dictionary having the configuration 
-    :return: No return value
-    """
-    contentctl_config_file = Path(args.config)
-    if contentctl_config_file.is_file():
-        questions = [
-            {
-                'type': 'confirm',
-                'message': 'File {0} already exist, are you sure you want to continue?\nTHIS WILL OVERWRITE YOUR CURRENT CONFIG!'.format(contentctl_config_file),
-                'name': 'continue',
-                'default': True,
-            },
-        ]
-
-        answers = questionary.prompt(questions)
-        if answers['continue']:
-            print("> continuing with contentctl configuration...")
-        else:
-            print("> exiting, to create a unique configuration file in another location use the --config flag")
-            sys.exit(0)
-
-
-    # configuration parameters  
-    if os.path.exists(args.output):  
-        config_path = args.output + "/" + str(contentctl_config_file)
-    else:
-        print("ERROR, output folder: {0} does not exist".format(args.output))
-        sys.exit(1)
-
-    # deal with skipping configuration
-    if args.skip_configuration:
-        print("initializing with default configuration: {0}".format(config_path))
-        # write config file
-        with open(config_path, 'w') as outfile:
-            yaml.dump(default_config, outfile, default_flow_style=False, sort_keys=False)
-
-        # write folder structure
-        create_folders(args.output)
-        sys.exit(0)
-        
-
-    questions = [
-        {
-            "type": "select",
-            "message": "Which build format should we use for this content pack? Builds will be created under the dist/ folder.",
-            "name": "product",
-            "choices": ["Splunk App", "JSON API Objects", "BA Objects", "All"],
-            "default": "Splunk App"
-        },
-        {
-            'type': 'text',
-            'message': 'What should the Splunk App for this content pack be called?',
-            'name': 'product_app_name',
-            'default': 'Capybara Splunk Content Pack',
-            'when': lambda answers: answers['product'] == "Splunk App" or answers['product'] == "All",
-
-        },
-        {
-            'type': 'confirm',
-            'message': 'Should this content pack be deployed to a (Cloud) Splunk Enterprise Server?',
-            'name': 'deploy_to_splunk',
-            'default': False,
-
-        },
-        {
-            'type': 'text',
-            'message': 'What is the <host>:<port> of the (Cloud) Splunk Enterprise Server?',
-            'name': 'deploy_to_splunk_server',
-            'default': '127.0.0.1:8089',
-            'when': lambda answers: answers['deploy_to_splunk'],
-
-        },
-        {
-            'type': 'text',
-            'message': 'What is the username of the (Cloud) Splunk Enterprise Server?',
-            'name': 'deploy_to_splunk_username',
-            'default': 'admin',
-            'when': lambda answers: answers['deploy_to_splunk'],
-
-        },
-        {
-            'type': 'text',
-            'message': 'What is the password of the (Cloud) Splunk Enterprise Server?',
-            'name': 'deploy_to_splunk_password',
-            'default': 'xxx',
-            'when': lambda answers: answers['deploy_to_splunk'],
-
-        },    
-        {
-            'type': 'text',
-            'message': 'How often should analytics run? The schedule is on cron format (https://crontab.guru/).',
-            'name': 'scheduling_cron_schedule',
-            'default': '0 * * * *',
-        },
-        {
-            'type': 'text',
-            'message': 'What is the earliest time for analytics? Uses Splunk time modifiers (https://docs.splunk.com/Documentation/SCS/current/Search/Timemodifiers).',
-            'name': 'scheduling_earliest_time',
-            'default': '-70m@m',
-        },
-        {
-            'type': 'text',
-            'message': 'What is the latest time for analytics? Uses Splunk time modifiers (https://docs.splunk.com/Documentation/SCS/current/Search/Timemodifiers).',
-            'name': 'scheduling_latest_time',
-            'default': '-10m@m',
-        },
-        {
-            'type': 'checkbox',
-            'message': 'What should the default action be when an analytic triggers?',
-            'name': 'default_actions',
-            'choices': ["notable", "risk_event", "email"],
-            'default': 'notable',
-        },
-        {
-            'type': 'text',
-            'message': 'What email address should we send the alerts to?',
-            'name': 'to_email',
-            'default': 'geralt@monsterkiller.com',
-            'when': lambda answers: 'email' in answers['default_actions'],
-        },
-        {
-            'type': 'confirm',
-            'message': 'Should we include some example content? This will add a detection and its test with supporting components like lookups and macros.',
-            'name': 'pre_populate',
-            'default': True,
-        },
-    ]
-
-    answers = questionary.prompt(questions)
-
-    # create a custom config object to store answers
-    custom_config = default_config
-
-    # remove other product settings
-    if answers['product'] == 'Splunk App':
-        # pop other configs out
-        custom_config['build'].pop('json_objects')
-        custom_config['build'].pop('ba_objects')
-        # capture configs
-        custom_config['build']['splunk_app']['name'] = answers['product_app_name']
-        custom_config['build']['splunk_app']['path'] = 'dist/' + answers['product_app_name'].lower().replace(" ", "_")
-        custom_config['build']['splunk_app']['prefix'] = answers['product_app_name'].upper()[0: 3]
-
-    elif answers['product'] == 'JSON API Objects':
-        custom_config['build'].pop('splunk_app')
-        custom_config['build'].pop('ba_objects')
-    elif answers['product'] == 'BA Objects':
-        custom_config['build'].pop('splunk_app')
-        custom_config['build'].pop('json_objects')
-    else:
-        # splunk app config
-        custom_config['build']['splunk_app']['name'] = answers['product_app_name']
-        custom_config['build']['splunk_app']['path'] = 'dist/' + answers['product_app_name'].lower().replace(" ", "_")
-        custom_config['build']['splunk_app']['prefix'] = answers['product_app_name'].upper()[0: 3]
-
-    if answers['deploy_to_splunk']:
-        custom_config['deploy']['server'] = answers['deploy_to_splunk_server']
-        custom_config['deploy']['username'] = answers['deploy_to_splunk_username']
-        custom_config['deploy']['password'] = answers['deploy_to_splunk_password']
-    else:
-        custom_config.pop('deploy')
-    
-    custom_config['scheduling']['cron_schedule'] = answers['scheduling_cron_schedule']
-    custom_config['scheduling']['earliest_time'] = answers['scheduling_earliest_time']
-    custom_config['scheduling']['latest_time'] = answers['scheduling_latest_time']
-
-    if 'notable' in answers['default_actions']:
-            custom_config['alert_actions']['notable']['rule_description'] = '%description%'
-            custom_config['alert_actions']['notable']['rule_title'] = '%name%'
-            custom_config['alert_actions']['notable']['nes_fields'] = ['user','dest','src']
-    else:
-        custom_config['alert_actions'].pop('notable')
-    if 'risk_event' in answers['default_actions']:
-            rba = dict()
-            custom_config['alert_actions']['rba'] = rba
-            custom_config['alert_actions']['rba']['enabled'] = 'true'
-            
-    if 'email' in answers['default_actions']:
-            email = dict()
-            custom_config['alert_actions']['email'] = email
-            custom_config['alert_actions']['email']['subject'] = 'Alert %name% triggered'
-            custom_config['alert_actions']['email']['message'] = 'The rule %name% triggered base on %description%'
-            custom_config['alert_actions']['email']['to'] = answers['to_email']
-        
-   
-    # write config file
-    with open(config_path, 'w') as outfile:
-        yaml.dump(custom_config, outfile, default_flow_style=False, sort_keys=False)
-    print('Content pack configuration created under: {0} .. edit to fine tune details before building'.format(config_path))
-
-    # write folder structure
-    create_folders(args.output)
-    print('The following folders were created: {0} under {1}.\nContent pack has been initialized, please run `new` to create new content.'.format(DEFAULT_FOLDERS, args.output))
-
-    print("Load the custom_config into the pydantic model we have created")
-    cfg = ContentPackConfig().parse_obj(custom_config)
-    import pprint
-    pprint.pprint(cfg.__dict__)
-    print("********************")
-    pprint.pprint(custom_config)
-    print("done")
-        
-
-
-
-
-
-
-
-
-
-
-
-

contentctl/objects/observable.py

@@ -1,39 +0,0 @@
-from pydantic import BaseModel, field_validator, ConfigDict
-from contentctl.objects.constants import SES_OBSERVABLE_TYPE_MAPPING, RBA_OBSERVABLE_ROLE_MAPPING
-
-# TODO (cmcginley): should this class be removed?
-
-class Observable(BaseModel):
-    model_config = ConfigDict(extra="forbid")
-    name: str
-    type: str
-    role: list[str]
-
-    @field_validator('name')
-    def check_name(cls, v: str):
-        if v == "":
-            raise ValueError("No name provided for observable")
-        return v
-
-    @field_validator('type')
-    def check_type(cls, v: str):
-        if v not in SES_OBSERVABLE_TYPE_MAPPING.keys():
-            raise ValueError(
-                f"Invalid type '{v}' provided for observable.  Valid observable types are "
-                f"{SES_OBSERVABLE_TYPE_MAPPING.keys()}"
-            )
-        return v
-
-    @field_validator('role')
-    def check_roles(cls, v: list[str]):
-        if len(v) == 0:
-            raise ValueError("Error, at least 1 role must be listed for Observable.")
-        if len(v) > 1:
-            raise ValueError("Error, each Observable can only have one role.")
-        for role in v:
-            if role not in RBA_OBSERVABLE_ROLE_MAPPING.keys():
-                raise ValueError(
-                    f"Invalid role '{role}' provided for observable.  Valid observable types are "
-                    f"{RBA_OBSERVABLE_ROLE_MAPPING.keys()}"
-                )
-        return v

contentctl-5.0.0a2.dist-info/RECORD

@@ -1,170 +0,0 @@
-contentctl/__init__.py,sha256=IMjkMO3twhQzluVTo8Z6rE7Eg-9U79_LGKMcsWLKBkY,22
-contentctl/actions/build.py,sha256=J-ALH-_IFypOZWarTCLdnTo9g5IpIwEJBON2cnhwKEw,5505
-contentctl/actions/deploy_acs.py,sha256=4mD3wEgudi8UWpTW9mB5n65Bcs1w4g5cG2yflj-uEck,3259
-contentctl/actions/detection_testing/DetectionTestingManager.py,sha256=YAEtyAErvDgk4eqIXWLVllZFKe_0ZKliycR9fvWeMjI,8744
-contentctl/actions/detection_testing/GitService.py,sha256=eXrppyWPXyL3MsN5iKKUsEM1orYSDxpBraBnM17LOLs,11137
-contentctl/actions/detection_testing/generate_detection_coverage_badge.py,sha256=N5mznaeErVak3mOBwsd0RDBFJO3bku0EZvpayCyU-uk,2259
-contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructure.py,sha256=Vy-BWRC_YqctFQOxEluf2cxtA8AHV-aIS1RJx0Fril8,57138
-contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureContainer.py,sha256=WCtyyMKTA17JzPIb10rV8C6vdG-cBzHtFC9T2CuYY2o,7047
-contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureServer.py,sha256=Q1ZfCYOp54O39bgTScZMInkmZiU-bGAM9Hiwr2mq5ms,370
-contentctl/actions/detection_testing/progress_bar.py,sha256=jiorPxfSAX6jCK1BSQDKNYchTshBnWshWB0XphLp91A,3229
-contentctl/actions/detection_testing/views/DetectionTestingView.py,sha256=ENHVBQxR3Ws4NYZmCfmoKBtAaGX9QW028obMQ6o1YnU,7615
-contentctl/actions/detection_testing/views/DetectionTestingViewCLI.py,sha256=v5F3heZ3ZD0ik_-a_zDYSEz6oc5VdVj3e5rSSZ-tK00,2149
-contentctl/actions/detection_testing/views/DetectionTestingViewFile.py,sha256=3mBCQy3hYuX8bNqh3al0nANlMwq9sxbQjkhwA1V5LOA,1090
-contentctl/actions/detection_testing/views/DetectionTestingViewWeb.py,sha256=Q6p7UqDOYI2VjFl21_1iue76rWVsQmJUzRewtUBF1a8,4755
-contentctl/actions/doc_gen.py,sha256=YNc1VYA0ikL1hWDHYjfEOmUkfhy8PEIdvTyC4ZLxQRY,863
-contentctl/actions/initialize.py,sha256=wEO3u8vJYP8Xh2OSJ_HxfMV6mqOdkPyWbUzNGEqMTNA,3055
-contentctl/actions/initialize_old.py,sha256=0qXbW_fNDvkcnEeL6Zpte8d-hpTu1REyzHsXOCY-YB8,9333
-contentctl/actions/inspect.py,sha256=dXV020g_GwwspSgiS6jQxW0JEVr_nublJBevwZ79mZo,17424
-contentctl/actions/new_content.py,sha256=wefzwJ0uCduLTvkynls1IVJCmcs_3RU9YkDzx7iiWeo,8363
-contentctl/actions/release_notes.py,sha256=0K7zHQyVHVYK_whiv4PvxOKS4_0s1Ya_RDCrrcT3FW4,13319
-contentctl/actions/reporting.py,sha256=MJEmvmoA1WnSFZEU9QM6daL_W94oOX0WXAcX1qAM2As,1583
-contentctl/actions/test.py,sha256=gS-BIexzzjHUR8RvQADDjyTIeJvilbuufPQq10TINJE,5953
-contentctl/actions/validate.py,sha256=7w5444SiOs0R4c_2Yn0tRaFx9Nf-r7o9aMjSaz3N9Kw,5602
-contentctl/api.py,sha256=O0dNE3-WkWs2zuOeAQnIicgOtBX5s2bGBhRVo3j69-8,6327
-contentctl/contentctl.py,sha256=rVqo4MaDFWljw9_ZwgTcSjtIEC9jcVRibJ7I--YyDm0,11185
-contentctl/enrichments/attack_enrichment.py,sha256=i0p5ud7EqA2SMB7Gc8JQdIonUTjAeDN-hxKBV4XV-Rg,6391
-contentctl/enrichments/cve_enrichment.py,sha256=aXpv_kCS0XP6JpC_ZEOeBPgrl38t_vkKZe9Ay35lRi4,2347
-contentctl/enrichments/splunk_app_enrichment.py,sha256=zDNHFLZTi2dJ1gdnh0sHkD6F1VtkblqFnhacFcCMBfc,3418
-contentctl/helper/link_validator.py,sha256=-XorhxfGtjLynEL1X4hcpRMiyemogf2JEnvLwhHq80c,7139
-contentctl/helper/logger.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-contentctl/helper/splunk_app.py,sha256=5KoacltgQ2J1BdxqvZYhr6GCXFl2tsy8TEWNc2gXkqw,14187
-contentctl/helper/utils.py,sha256=8UDQWZmPg0hRjLNSf4gowsbdVCC4YFJW-xVxyIXUA_Y,18954
-contentctl/input/director.py,sha256=ieNzGHY7KMdwZZ7Re8-NnfdW3dRnrwh98BLFldDU1wg,10975
-contentctl/input/new_content_questions.py,sha256=7Sfdp-HrlyDN2H88CHrByZIL26iN-gqN17tHSkBg6UA,4196
-contentctl/input/yml_reader.py,sha256=BBO5AiLjwKTrVVMmW3p8BgFMXdTHPwPlEPlNXInmGNo,2015
-contentctl/objects/abstract_security_content_objects/detection_abstract.py,sha256=uc7eadSrL9pDdT0U_QtoYhQeQbx9HUlrJLJaBs5lNxc,50053
-contentctl/objects/abstract_security_content_objects/security_content_object_abstract.py,sha256=6vFf6ZZiUFBclYLg9e_AmZYsPfIq385jgqcFGvzWdmE,10232
-contentctl/objects/alert_action.py,sha256=vH8Yp3Ja4ane_bvOYvQhBwZiicYHJWKoecEsZzXEtKE,1393
-contentctl/objects/annotated_types.py,sha256=jnX02BQT4dHbd_DCIjik0PNN3kgsvb7sxAz_1Jy8TOY,259
-contentctl/objects/atomic.py,sha256=l10rrcZ2XItdnpOzSpHSbEwC12jelsPzELmeJZAGv2E,7338
-contentctl/objects/base_test.py,sha256=V5hZK2EjBIdTFmXa8pHmqQVsgFF_yL2iknCOO1KTALo,1103
-contentctl/objects/base_test_result.py,sha256=XxqOQHfOVTx3vvPgTz7ppE4EA_3MJx6Tf8G9bmhrWAI,5209
-contentctl/objects/baseline.py,sha256=EtJZeKfuFRWLCgHdVNDgHaP_8CysD15GYs_hDnPPt0k,3020
-contentctl/objects/baseline_tags.py,sha256=Z5BB0vxXpmbVeCyESs2WYaFgonBZTYY0iLZVAPabdJc,1548
-contentctl/objects/config.py,sha256=JtctSRIXvU292ujFL9b6YX0mse04ZqliArwAEyM3oH8,48598
-contentctl/objects/constants.py,sha256=Bn1O3FIcmLd7QYT-pZuhtaZ7k8sUvTWwh8XYXg4A_7M,5760
-contentctl/objects/correlation_search.py,sha256=xNcURW_K8rRG8VKkQ6WGL8a4zBw4CORyr2SvY-3TCVQ,46039
-contentctl/objects/dashboard.py,sha256=GKb_YqZMSP98Y97AlKffJrtVUufZzJag-zdmqRePLZ4,4114
-contentctl/objects/data_source.py,sha256=gst7ut7wdpew0woEDQSRVuyYuVf0fLHc0Z6rXW9Fvbw,1489
-contentctl/objects/deployment.py,sha256=dOPBq-0n1ETdVzhtgX81cIvkarafy4WRkVwEjwCMxaQ,2874
-contentctl/objects/deployment_email.py,sha256=XU7jzEUYCfb71If0eLanz1rNl8PR-3RZtEh6FPqjiSY,205
-contentctl/objects/deployment_notable.py,sha256=ALkddRQCgC2IO3AAl8M823icNvTL-V8pkIfRFj0ZvDk,256
-contentctl/objects/deployment_phantom.py,sha256=MjTNi-B2IX6Xgxr6S20jJjo-4taX_zF-HXrFXl1x7gs,265
-contentctl/objects/deployment_rba.py,sha256=E7z-Vus3m0gn1Zd7qrKiPztkj3C0inJIXh2SMif9bKk,183
-contentctl/objects/deployment_scheduling.py,sha256=qqjBcawyC9oPlOIPTQuP-88wbrdxSOjdudtooWrlTwM,256
-contentctl/objects/deployment_slack.py,sha256=Bg6hgIgc-BaWIv6CSWwE6429c9umFlBY51s-ZPTajtQ,193
-contentctl/objects/detection.py,sha256=3W41cXf3ECjWuPqWrseqSLC3PAA7O5_nENWWM6MPK0Y,620
-contentctl/objects/detection_metadata.py,sha256=eCsru2cymc3VINjt9MpDyGw2zXa2HyVEPv-XiGAcAeQ,2236
-contentctl/objects/detection_stanza.py,sha256=842fHPfGDdddHF5UzgftYr8OlYblWhMWZxPQsTu2wKg,3066
-contentctl/objects/detection_tags.py,sha256=2jGUvWSK0-b5M-guzcJQs2v5LfV_5hcfZpeS6HGx3Xo,9903
-contentctl/objects/drilldown.py,sha256=rnhGIjm0uc7BFekzlxBeMbxpLpC1dcjkh8n0rF_SheI,3987
-contentctl/objects/enums.py,sha256=Uy5n7diPs2q7vzhe2dTr2Mzr5ifzuKDmUhD-RujPl4E,13418
-contentctl/objects/errors.py,sha256=WURmJCqhy2CZNXXCypXVtwnjSBx-VIcB6W9oFJmzoFk,5762
-contentctl/objects/integration_test.py,sha256=UBBx85f517MpQXOM7-iEasACEQ0-Ia7W4rDChOHZfno,1319
-contentctl/objects/integration_test_result.py,sha256=9oVWka57alIVPiCDbNgy-OmJcBicyYbrr6anL52Wgks,278
-contentctl/objects/investigation.py,sha256=UOTieT033I3wU_-ydTCzT3LC1Is-WfnJKqcoVndW8LE,3244
-contentctl/objects/investigation_tags.py,sha256=-BP9rjtOzYCXsA5f626kO70cHxHBPyxeRYhdNkQDA1Q,1255
-contentctl/objects/lookup.py,sha256=rPMiCemlN3XORMAjuH10sgQhkjMqpSQOVSr-DdyFaN8,10529
-contentctl/objects/macro.py,sha256=DNBecV1kGOudKY0lx7nSjUjRmMi0CNWHYcmvaRZGFPg,3430
-contentctl/objects/manual_test.py,sha256=YNquEQ0UCzZGJ0uvHBgJ3Efho-F80ZG885ABLtqB7TI,1022
-contentctl/objects/manual_test_result.py,sha256=C4AYW3jlMsxVzCPzCA5dpAcbKgCpmDO43JmptFm--Q4,155
-contentctl/objects/mitre_attack_enrichment.py,sha256=0BvYdWVqFer029S3o_Wve_GQEKgvFZi_rjAb-rHid9c,3325
-contentctl/objects/notable_action.py,sha256=ValkblBaG-60TF19y_vSnNzoNZ3eg48wIfr0qZxyKTA,1605
-contentctl/objects/notable_event.py,sha256=YlmI5CbTeu2hrj1yhmvu6ma4RY_6RFvIuq8aEtrn4z8,703
-contentctl/objects/observable.py,sha256=1nM2ldkCcicxCX_ibOl2_qewJ5yQDyOIuCUsdithFZk,1421
-contentctl/objects/playbook.py,sha256=hSYYpdMhctgpp7uwaPciFqu1yuFI4M1NHy1WBBLyvzM,2469
-contentctl/objects/playbook_tags.py,sha256=jG_zsd8yL3HvSdDwbVJOu5KVA3--YYCBbhFGykoMrf4,1560
-contentctl/objects/rba.py,sha256=AkrbhzKeckxRn_6FEeA0geie2e71UOwpSEm9cqpnCN8,2826
-contentctl/objects/risk_analysis_action.py,sha256=OeatdTFXa6801JZIyvfN7c0B0rTnXpdVh1PXHCmQsz0,4275
-contentctl/objects/risk_event.py,sha256=1PNMlZaNPYKGNPyTvH5FdvQpDxl58t4gexKDSisP7AQ,12520
-contentctl/objects/risk_object.py,sha256=yY4NmEwEKaRl4sLzCRZb1n8kdpV3HzYbQVQ1ClQWYHw,904
-contentctl/objects/savedsearches_conf.py,sha256=tCyZHqAQ9azgwIyySViY2BdM4To5Cb_GeYEEHPwR4Zc,8604
-contentctl/objects/security_content_object.py,sha256=j8KNDwSMfZsSIzJucC3NuZo0SlFVpqHfDc6y3-YHjHI,234
-contentctl/objects/story.py,sha256=9q8_WosIZwq5cWIUbl_0IErV4fWc9VA18YBuJeflXn0,4823
-contentctl/objects/story_tags.py,sha256=GEzURFnlloBrBHoTjLHKRmqAein1ylcyFr4VE4jzFPU,2214
-contentctl/objects/test_attack_data.py,sha256=7p-kOJguTZtG9y5th5U3qfPFvpiAWLST_OBw8dwWl_4,488
-contentctl/objects/test_group.py,sha256=DCtm4ChGYksOwZQVHsioaweOvI37CSlTZJzKvBX-jbY,2586
-contentctl/objects/threat_object.py,sha256=S8B7RQFfLxN_g7yKPrDTuYhIy9JvQH3YwJ_T5LUZIa4,711
-contentctl/objects/throttling.py,sha256=om0pGOMStr6sTwm5uZ7rBcSHhRLpaX6TS5x-aaPGsR0,2369
-contentctl/objects/unit_test.py,sha256=eMFehpHhmZA5WYBqhWUNRF_LpxuLM9VooAxjXeNbrxY,1144
-contentctl/objects/unit_test_baseline.py,sha256=x1pDW028R4xzmz_kIiIerXTHE6kFfHkf28zIVl1wX9c,284
-contentctl/objects/unit_test_result.py,sha256=POQfvvPpSw-jQzINBz1_IszUMJ4Wbopu8HRS1Qe6P2M,2940
-contentctl/output/api_json_output.py,sha256=67mZwYdn5gEl9u24BAopGtPxaKTkPO74S_9zS2XlVIk,8261
-contentctl/output/attack_nav_output.py,sha256=95iKV8U9BMMgqh6cCOw1S89Ln73xmJGgJPHTYR0L7hA,2304
-contentctl/output/attack_nav_writer.py,sha256=64ILZLmNbh2XLmbopgENkeo6t-4SRRG8xZXBmtpNd4g,2219
-contentctl/output/conf_output.py,sha256=e19RGptVUOatj8c-SuIDd4uqYa7Yg9z9Globv23w1fE,10643
-contentctl/output/conf_writer.py,sha256=9eqt2tm1xjs397pwWLz5oPJcMHbs62ejRG7KghGQQCI,15137
-contentctl/output/data_source_writer.py,sha256=NIn9mVQmYtGjWANeeveRhfXTUescVuWnEEDRXaNb1qg,1579
-contentctl/output/doc_md_output.py,sha256=gf7osH1uSrC6js3D_I72g4uDe9TaB3tsvtqCHi5znp0,3238
-contentctl/output/jinja_writer.py,sha256=bdiqr9FaXYxth4wZ1A52zTMAS5stHNGpezTkaS5pres,1119
-contentctl/output/json_writer.py,sha256=xQzARL0eiftVBm9yeBKw6cu2wqc9ughormi2rCFlJ1Q,861
-contentctl/output/svg_output.py,sha256=rDAm6Y5Pc3KktjDh2hXgWFUcONrA8Op22RzSLVMsKBo,2745
-contentctl/output/templates/analyticstories_detections.j2,sha256=_xM5MMC_O5aLTBI04afgrCnYVfojmbb3J1JVq2AkaT8,964
-contentctl/output/templates/analyticstories_investigations.j2,sha256=kqy9lR6W3avqETCM2tSZ8WWOlfiyOtFv6G5N4SZWSaQ,527
-contentctl/output/templates/analyticstories_stories.j2,sha256=4rS-oN6JHAVKF3ToMxzHqK7asytw1R4OQmZGtzdRRBI,663
-contentctl/output/templates/app.conf.j2,sha256=UL80Px4IUGPD-DgcAiUrS4emHBIY7DxleSNyNXCH5tQ,623
-contentctl/output/templates/app.manifest.j2,sha256=Q1803mcfgNvUs8s4e1zD1J3_mxfPYVtLkD8fhCO6d-I,1103
-contentctl/output/templates/collections.j2,sha256=w2hkY7Yfm7AmY1O_7DP-znLS_whgKX79VbnW7QlvrNU,151
-contentctl/output/templates/content-version.j2,sha256=2-it0TF5BvqUcmUXVFB4DEh0I01igQGDxZNJpdtDFIA,54
-contentctl/output/templates/detection_count.j2,sha256=9U3o-P_ECkMknsooj_L3B9GZqjnsbaEzr59s3-DOK0I,670
-contentctl/output/templates/detection_coverage.j2,sha256=guE4fow9BqGoCCrQ3b6-EZqWJcThb58V9khuIH7nhT0,631
-contentctl/output/templates/doc_detection_page.j2,sha256=kATedDq0Z8tzxKiD3nD0_-7YiOrjssUMYSDenRYTh6A,1012
-contentctl/output/templates/doc_detections.j2,sha256=tjTQh6R5zMMmBm9hk-8dFG5p0PyhWSGkrYeRxe9gfPU,6500
-contentctl/output/templates/doc_navigation.j2,sha256=h25ITC3xcAM17uZGIyyDFURmEdYtQSPvNeWN3RH7j4Q,1471
-contentctl/output/templates/doc_navigation_pages.j2,sha256=ptfjbD4F0Ob7dze9at2q5gqOslcbL3eteUO1zsblDJo,203
-contentctl/output/templates/doc_playbooks.j2,sha256=CWsnm8F097oYT8anW3CE7JaX1haAJTfylThP1ic0UIw,1681
-contentctl/output/templates/doc_playbooks_page.j2,sha256=2d5UNDSOxyMtxKGxGHzJ2Ny_UrqTq267NO1h-lmNduc,679
-contentctl/output/templates/doc_stories.j2,sha256=0J3dAbfSZz-Ma1-C9B6vYPKGwrxoZryYoudy3wUIT4s,1827
-contentctl/output/templates/doc_story_page.j2,sha256=jrf-As8GbqLarRoiDipfM9ZUVRl_bhdNsy-XaCrBaXE,874
-contentctl/output/templates/es_investigations_investigations.j2,sha256=M4beFAFrkdhOIda2uYOXOxm9eBTdtSrTg07ke8FcELs,1013
-contentctl/output/templates/es_investigations_stories.j2,sha256=3_adGXuyMR6v-k3uc6_ht13UqX1AI4HagRdokwW0tqk,388
-contentctl/output/templates/header.j2,sha256=3usV7jm1q6J-QNnQrZzII9cN0XEGQjg_eVKrEQwfOG0,201
-contentctl/output/templates/macros.j2,sha256=SLcQQ5X7TZS8j-2qP06BTXqdIcnwoYqTAaBLX2Dge7Y,390
-contentctl/output/templates/panel.j2,sha256=Cw_W6p-14n6UivVfpS75KKJiJ2VpdGsSBceYsUYe9gk,221
-contentctl/output/templates/savedsearches_baselines.j2,sha256=BfpNrApucyByZHYW-Az63NO7hXBRYtlQCZcgBcLDv60,1683
-contentctl/output/templates/savedsearches_detections.j2,sha256=FzOCszfJjAWTE4Z40JMK6umOPxz5NjcRt3-agwmvFn0,6830
-contentctl/output/templates/savedsearches_investigations.j2,sha256=3jWg3OEwnexZxebpyP9_7lbZI407e5rlx1-epRs1Kpc,1170
-contentctl/output/templates/server.conf.j2,sha256=sPZUkiuJNGm9R8rpjfRKyuAvmmQb0C4w9Q6hpmvmPeU,127
-contentctl/output/templates/transforms.j2,sha256=EySDJWorLHRSTibMIvbV7PdDb6uDC058gMUk-kiK6g0,1481
-contentctl/output/templates/workflow_actions.j2,sha256=DFoZVnCa8dMRHjW2AdpoydBC0THgiH_W-Nx7WI4-uR4,925
-contentctl/output/yml_writer.py,sha256=7-qcJJoF6P6p9nHVO8dtEmuekg5_buSXlE2ITrFNsX8,2137
-contentctl/templates/README.md,sha256=GoRmywUqwnjaehY_GLmGqxsFXCLP9plpDYwB6W6nVPs,428
-contentctl/templates/app_default.yml,sha256=kDeYdJbfMADQPcho8iH1nqgTFrHNt4EXnIJjPHc2unI,6390
-contentctl/templates/app_template/README/essoc_story_detail.txt,sha256=7hFPBfPpRH28TFl7QchKceZLewQqgFjRWDlmxZzwpmo,897
-contentctl/templates/app_template/README/essoc_summary.txt,sha256=u6wYNYBqmmm7Kn_g_Uex8rRzMQ995MUXCavla95Y1dw,2538
-contentctl/templates/app_template/README/essoc_usage_dashboard.txt,sha256=xYUKKVtdgzPyT3mqdTccaBZuwWnC63lbc9zyYpmHN4o,2432
-contentctl/templates/app_template/README.md,sha256=RT-J9bgRSFsEFgNr9qV6yc2LkfUH_uiMJ2RV4NM9Ymo,366
-contentctl/templates/app_template/default/analytic_stories.conf,sha256=zWuCOOl8SiP7Kit2s-de4KRu3HySLtBSXcp1QnJx0ec,168
-contentctl/templates/app_template/default/commands.conf,sha256=U2ccwUeGXKKKt5jo14QY5swi-p9_TSJtaNquOkeF3Yk,319
-contentctl/templates/app_template/default/data/ui/nav/default.xml,sha256=fKN53HZCtNJbQqq_5pP8e5-5m30DRrJittr6q5s6V_0,236
-contentctl/templates/app_template/default/data/ui/views/escu_summary.xml,sha256=jQhkIthPgEEptCJ2wUCj2lWGHBvUl6JGsKkDfONloxI,8635
-contentctl/templates/app_template/default/data/ui/views/feedback.xml,sha256=uM71EMK2uFz8h68nOTNKGnYxob3HhE_caSL6yA-3H-k,696
-contentctl/templates/app_template/default/use_case_library.conf,sha256=zWuCOOl8SiP7Kit2s-de4KRu3HySLtBSXcp1QnJx0ec,168
-contentctl/templates/app_template/lookups/mitre_enrichment.csv,sha256=tifPQjFoQHtvpb78hxSP2fKHnHeehNbZDwUjdvc0aEM,66072
-contentctl/templates/app_template/metadata/default.meta,sha256=h66ea1l3qMzDRgDUAXsJvGKeJnp5w-s2unYMZ9dJLzM,433
-contentctl/templates/app_template/static/appIcon.png,sha256=jcJ1PNdkBX7Kl_y9Tf0SZ55OJYA2PpwjvkVvBt9_OoE,3658
-contentctl/templates/app_template/static/appIconAlt.png,sha256=uRXjoHQQjs0-BxcK-3KNBEdck1adDNTHMvV14xR4W0g,2656
-contentctl/templates/app_template/static/appIconAlt_2x.png,sha256=I0m-CPRqq7ak9NJQZGGmz6Ac4pmzFV_SonOUxOEDOFs,7442
-contentctl/templates/app_template/static/appIcon_2x.png,sha256=XEpqQzDvzuEV5StzD05XRgxwySqHHLes1hMPy2v5Vdk,3657
-contentctl/templates/data_sources/sysmon_eventid_1.yml,sha256=7PIcLr1e9Ql-wu_Dk9D4JAZs1OWDby-tY77nDDUZ1CQ,6079
-contentctl/templates/datamodels_cim.conf,sha256=RB_SCtpQG_KaC_0lKTCKexVOlEq_ShGwpGlg95aqOfs,9381
-contentctl/templates/datamodels_custom.conf,sha256=6BANthXdqg3fYpYmEqiGZnv4cWheNfXz1uQ_I1JePXc,480
-contentctl/templates/deployments/escu_default_configuration_anomaly.yml,sha256=j_H2wovWBj1EKxVwj3mMoJVQnVm-2Imt7xnB9U1Tun4,418
-contentctl/templates/deployments/escu_default_configuration_baseline.yml,sha256=NzUvaotkk7hatx9EBjROFIwsvSOZXgfAJUvGS8JrUMg,334
-contentctl/templates/deployments/escu_default_configuration_correlation.yml,sha256=iWLqvJnUKVhpKaLBc_w_W65d9HVZgOZfGA-RIpxsH6M,519
-contentctl/templates/deployments/escu_default_configuration_hunting.yml,sha256=hHmM8u7zncpb-32Qv74UoNs0HKwZwCMoKAq2ygDJZbo,329
-contentctl/templates/deployments/escu_default_configuration_ttp.yml,sha256=1D-pvzaH1v3_yCZXaY6njmdvV4S2_Ak8uzzCOsnj9XY,548
-contentctl/templates/detections/application/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-contentctl/templates/detections/cloud/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-contentctl/templates/detections/endpoint/anomalous_usage_of_7zip.yml,sha256=VQ8mxkOOm7RfnBomtOXF9XGE8fV-j5j-4pFtpocQ17Y,3875
-contentctl/templates/detections/network/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-contentctl/templates/detections/web/.gitkeep,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
-contentctl/templates/macros/security_content_ctime.yml,sha256=Gg1YNllHVsX_YB716H1SJLWzxXZEfuJlnsgB2fuyoHU,159
-contentctl/templates/macros/security_content_summariesonly.yml,sha256=9BYUxAl2E4Nwh8K19F3AJS8Ka7ceO6ZDBjFiO3l3LY0,162
-contentctl/templates/stories/cobalt_strike.yml,sha256=rlaXxMN-5k8LnKBLPafBoksyMtlmsPMHPJOjTiMiZ-M,3063
-contentctl-5.0.0a2.dist-info/LICENSE.md,sha256=hQWUayRk-pAiOZbZnuy8djmoZkjKBx8MrCFpW-JiOgo,11344
-contentctl-5.0.0a2.dist-info/METADATA,sha256=trZZB3p6gbjZZ4RfG_kh9cniJaV1cbaocdwlJqOZU4w,21541
-contentctl-5.0.0a2.dist-info/WHEEL,sha256=IYZQI976HJqqOpQU6PHkJ8fb3tMNBFjg-Cn-pwAbaFM,88
-contentctl-5.0.0a2.dist-info/entry_points.txt,sha256=5bjZ2NkbQfSwK47uOnA77yCtjgXhvgxnmCQiynRF_-U,57
-contentctl-5.0.0a2.dist-info/RECORD,,