contentctl 5.5.4__tar.gz → 5.5.5__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (170) hide show
  1. {contentctl-5.5.4 → contentctl-5.5.5}/PKG-INFO +1 -1
  2. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/lookup.py +7 -0
  3. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/macro.py +1 -0
  4. {contentctl-5.5.4 → contentctl-5.5.5}/pyproject.toml +1 -1
  5. {contentctl-5.5.4 → contentctl-5.5.5}/LICENSE.md +0 -0
  6. {contentctl-5.5.4 → contentctl-5.5.5}/README.md +0 -0
  7. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/__init__.py +0 -0
  8. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/build.py +0 -0
  9. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/deploy_acs.py +0 -0
  10. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/DetectionTestingManager.py +0 -0
  11. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/GitService.py +0 -0
  12. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/generate_detection_coverage_badge.py +0 -0
  13. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructure.py +0 -0
  14. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureContainer.py +0 -0
  15. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/infrastructures/DetectionTestingInfrastructureServer.py +0 -0
  16. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/progress_bar.py +0 -0
  17. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/views/DetectionTestingView.py +0 -0
  18. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/views/DetectionTestingViewCLI.py +0 -0
  19. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/views/DetectionTestingViewFile.py +0 -0
  20. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/detection_testing/views/DetectionTestingViewWeb.py +0 -0
  21. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/doc_gen.py +0 -0
  22. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/initialize.py +0 -0
  23. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/inspect.py +0 -0
  24. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/new_content.py +0 -0
  25. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/release_notes.py +0 -0
  26. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/reporting.py +0 -0
  27. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/test.py +0 -0
  28. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/actions/validate.py +0 -0
  29. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/api.py +0 -0
  30. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/contentctl.py +0 -0
  31. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/enrichments/attack_enrichment.py +0 -0
  32. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/enrichments/cve_enrichment.py +0 -0
  33. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/enrichments/splunk_app_enrichment.py +0 -0
  34. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/helper/link_validator.py +0 -0
  35. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/helper/logger.py +0 -0
  36. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/helper/splunk_app.py +0 -0
  37. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/helper/utils.py +0 -0
  38. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/input/director.py +0 -0
  39. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/input/new_content_questions.py +0 -0
  40. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/input/yml_reader.py +0 -0
  41. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/abstract_security_content_objects/detection_abstract.py +0 -0
  42. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/abstract_security_content_objects/security_content_object_abstract.py +0 -0
  43. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/alert_action.py +0 -0
  44. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/annotated_types.py +0 -0
  45. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/atomic.py +0 -0
  46. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/base_security_event.py +0 -0
  47. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/base_test.py +0 -0
  48. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/base_test_result.py +0 -0
  49. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/baseline.py +0 -0
  50. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/baseline_tags.py +0 -0
  51. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/config.py +0 -0
  52. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/constants.py +0 -0
  53. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/content_versioning_service.py +0 -0
  54. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/correlation_search.py +0 -0
  55. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/dashboard.py +0 -0
  56. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/data_source.py +0 -0
  57. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/deployment.py +0 -0
  58. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/deployment_email.py +0 -0
  59. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/deployment_notable.py +0 -0
  60. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/deployment_phantom.py +0 -0
  61. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/deployment_rba.py +0 -0
  62. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/deployment_scheduling.py +0 -0
  63. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/deployment_slack.py +0 -0
  64. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/detection.py +0 -0
  65. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/detection_metadata.py +0 -0
  66. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/detection_stanza.py +0 -0
  67. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/detection_tags.py +0 -0
  68. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/drilldown.py +0 -0
  69. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/enums.py +0 -0
  70. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/errors.py +0 -0
  71. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/integration_test.py +0 -0
  72. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/integration_test_result.py +0 -0
  73. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/investigation.py +0 -0
  74. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/investigation_tags.py +0 -0
  75. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/manual_test.py +0 -0
  76. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/manual_test_result.py +0 -0
  77. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/mitre_attack_enrichment.py +0 -0
  78. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/notable_action.py +0 -0
  79. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/notable_event.py +0 -0
  80. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/playbook.py +0 -0
  81. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/playbook_tags.py +0 -0
  82. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/rba.py +0 -0
  83. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/removed_security_content_object.py +0 -0
  84. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/risk_analysis_action.py +0 -0
  85. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/risk_event.py +0 -0
  86. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/risk_object.py +0 -0
  87. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/savedsearches_conf.py +0 -0
  88. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/security_content_object.py +0 -0
  89. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/story.py +0 -0
  90. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/story_tags.py +0 -0
  91. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/test_attack_data.py +0 -0
  92. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/test_group.py +0 -0
  93. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/threat_object.py +0 -0
  94. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/throttling.py +0 -0
  95. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/unit_test.py +0 -0
  96. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/unit_test_baseline.py +0 -0
  97. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/unit_test_result.py +0 -0
  98. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/api_json_output.py +0 -0
  99. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/attack_nav_output.py +0 -0
  100. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/attack_nav_writer.py +0 -0
  101. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/conf_output.py +0 -0
  102. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/conf_writer.py +0 -0
  103. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/doc_md_output.py +0 -0
  104. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/jinja_writer.py +0 -0
  105. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/json_writer.py +0 -0
  106. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/runtime_csv_writer.py +0 -0
  107. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/svg_output.py +0 -0
  108. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/analyticstories_detections.j2 +0 -0
  109. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/analyticstories_investigations.j2 +0 -0
  110. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/analyticstories_stories.j2 +0 -0
  111. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/app.conf.j2 +0 -0
  112. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/app.manifest.j2 +0 -0
  113. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/collections.j2 +0 -0
  114. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/content-version.j2 +0 -0
  115. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/detection_count.j2 +0 -0
  116. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/detection_coverage.j2 +0 -0
  117. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_detection_page.j2 +0 -0
  118. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_detections.j2 +0 -0
  119. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_navigation.j2 +0 -0
  120. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_navigation_pages.j2 +0 -0
  121. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_playbooks.j2 +0 -0
  122. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_playbooks_page.j2 +0 -0
  123. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_stories.j2 +0 -0
  124. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/doc_story_page.j2 +0 -0
  125. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/es_investigations_investigations.j2 +0 -0
  126. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/es_investigations_stories.j2 +0 -0
  127. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/header.j2 +0 -0
  128. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/macros.j2 +0 -0
  129. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/panel.j2 +0 -0
  130. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/savedsearches_baselines.j2 +0 -0
  131. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/savedsearches_detections.j2 +0 -0
  132. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/savedsearches_investigations.j2 +0 -0
  133. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/server.conf.j2 +0 -0
  134. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/transforms.j2 +0 -0
  135. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/templates/workflow_actions.j2 +0 -0
  136. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/output/yml_writer.py +0 -0
  137. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/README.md +0 -0
  138. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_default.yml +0 -0
  139. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/README/essoc_story_detail.txt +0 -0
  140. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/README/essoc_summary.txt +0 -0
  141. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/README/essoc_usage_dashboard.txt +0 -0
  142. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/README.md +0 -0
  143. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/default/analytic_stories.conf +0 -0
  144. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/default/commands.conf +0 -0
  145. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/default/data/ui/nav/default.xml +0 -0
  146. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/default/data/ui/views/escu_summary.xml +0 -0
  147. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/default/data/ui/views/feedback.xml +0 -0
  148. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/default/use_case_library.conf +0 -0
  149. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/lookups/mitre_enrichment.csv +0 -0
  150. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/metadata/default.meta +0 -0
  151. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/static/appIcon.png +0 -0
  152. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/static/appIconAlt.png +0 -0
  153. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/static/appIconAlt_2x.png +0 -0
  154. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/app_template/static/appIcon_2x.png +0 -0
  155. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/data_sources/sysmon_eventid_1.yml +0 -0
  156. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/datamodels_cim.conf +0 -0
  157. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/datamodels_custom.conf +0 -0
  158. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/deployments/escu_default_configuration_anomaly.yml +0 -0
  159. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/deployments/escu_default_configuration_baseline.yml +0 -0
  160. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/deployments/escu_default_configuration_correlation.yml +0 -0
  161. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/deployments/escu_default_configuration_hunting.yml +0 -0
  162. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/deployments/escu_default_configuration_ttp.yml +0 -0
  163. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/detections/application/.gitkeep +0 -0
  164. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/detections/cloud/.gitkeep +0 -0
  165. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/detections/endpoint/anomalous_usage_of_7zip.yml +0 -0
  166. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/detections/network/.gitkeep +0 -0
  167. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/detections/web/.gitkeep +0 -0
  168. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/macros/security_content_ctime.yml +0 -0
  169. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/macros/security_content_summariesonly.yml +0 -0
  170. {contentctl-5.5.4 → contentctl-5.5.5}/contentctl/templates/stories/cobalt_strike.yml +0 -0
{contentctl-5.5.4 → contentctl-5.5.5}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.3
2
2
  Name: contentctl
3
- Version: 5.5.4
3
+ Version: 5.5.5
4
4
  Summary: Splunk Content Control Tool
5
5
  License: Apache 2.0
6
6
  Author: STRT
{contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/lookup.py RENAMED
@@ -65,6 +65,13 @@ LOOKUPS_TO_IGNORE.add(
65
65
  # Special case for the Detection "Exploit Public Facing Application via Apache Commons Text"
66
66
  LOOKUPS_TO_IGNORE.add("=")
67
67
  LOOKUPS_TO_IGNORE.add("other_lookups")
68
+ LOOKUPS_TO_IGNORE.add(
69
+ "asn_lookup_by_cidr"
70
+ ) # Provided by SA-ThreatIntelligence, part of Enterprise Security
71
+
72
+ LOOKUPS_TO_IGNORE.add(
73
+ "mitre_attack_lookup"
74
+ ) # KVStore provided by SA-ThreatIntelligence, part of Enterprise Security
68
75
 
69
76
 
70
77
  class Lookup_Type(StrEnum):
{contentctl-5.5.4 → contentctl-5.5.5}/contentctl/objects/macro.py RENAMED
@@ -26,6 +26,7 @@ MACROS_TO_IGNORE.add(
26
26
  ) # SA-ThreatIntelligence, part of Enterprise Security
27
27
  MACROS_TO_IGNORE.add("cim_corporate_web_domain_search") # Part of CIM/Splunk_SA_CIM
28
28
  # MACROS_TO_IGNORE.add("prohibited_processes")
29
+ MACROS_TO_IGNORE.add("globedistance") # Part of SA-Utils, part of Enterprise Security
29
30
 
30
31
 
31
32
  class Macro(SecurityContentObject):
{contentctl-5.5.4 → contentctl-5.5.5}/pyproject.toml RENAMED
@@ -1,7 +1,7 @@
1
1
  [tool.poetry]
2
2
  name = "contentctl"
3
3
 
4
- version = "5.5.4"
4
+ version = "5.5.5"
5
5
 
6
6
  description = "Splunk Content Control Tool"
7
7
  authors = ["STRT <research@splunk.com>"]
{contentctl-5.5.4 → contentctl-5.5.5}/LICENSE.md RENAMED
File without changes
{contentctl-5.5.4 → contentctl-5.5.5}/README.md RENAMED
File without changes
{contentctl-5.5.4 → contentctl-5.5.5}/contentctl/api.py RENAMED
File without changes