howler-api 3.2.0.dev475__tar.gz → 3.2.0.dev490__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (198) hide show
  1. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/PKG-INFO +1 -1
  2. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/search.py +37 -1
  3. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/pyproject.toml +1 -1
  4. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/README.md +0 -0
  5. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/__init__.py +0 -0
  6. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/__init__.py +0 -0
  7. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/add_label.py +0 -0
  8. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/add_to_bundle.py +0 -0
  9. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/change_field.py +0 -0
  10. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/demote.py +0 -0
  11. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/example_plugin.py +0 -0
  12. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/prioritization.py +0 -0
  13. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/promote.py +0 -0
  14. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/remove_from_bundle.py +0 -0
  15. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/remove_label.py +0 -0
  16. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/actions/transition.py +0 -0
  17. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/__init__.py +0 -0
  18. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/base.py +0 -0
  19. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/socket.py +0 -0
  20. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/__init__.py +0 -0
  21. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/action.py +0 -0
  22. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/analytic.py +0 -0
  23. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/auth.py +0 -0
  24. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/clue.py +0 -0
  25. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/configs.py +0 -0
  26. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/dossier.py +0 -0
  27. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/help.py +0 -0
  28. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/hit.py +0 -0
  29. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/notebook.py +0 -0
  30. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/overview.py +0 -0
  31. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/template.py +0 -0
  32. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/tool.py +0 -0
  33. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/user.py +0 -0
  34. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/utils/__init__.py +0 -0
  35. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/utils/etag.py +0 -0
  36. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/view.py +0 -0
  37. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/app.py +0 -0
  38. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/README.md +0 -0
  39. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/__init__.py +0 -0
  40. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/classification.py +0 -0
  41. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/classification.yml +0 -0
  42. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/exceptions.py +0 -0
  43. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/loader.py +0 -0
  44. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/logging/__init__.py +0 -0
  45. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/logging/audit.py +0 -0
  46. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/logging/format.py +0 -0
  47. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/net.py +0 -0
  48. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/net_static.py +0 -0
  49. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/random_user.py +0 -0
  50. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/common/swagger.py +0 -0
  51. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/config.py +0 -0
  52. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/cronjobs/__init__.py +0 -0
  53. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/cronjobs/retention.py +0 -0
  54. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/cronjobs/rules.py +0 -0
  55. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/cronjobs/view_cleanup.py +0 -0
  56. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/README.md +0 -0
  57. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/__init__.py +0 -0
  58. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/bulk.py +0 -0
  59. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/collection.py +0 -0
  60. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/constants.py +0 -0
  61. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/exceptions.py +0 -0
  62. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/howler_store.py +0 -0
  63. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/migrations/fix_process.py +0 -0
  64. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/operations.py +0 -0
  65. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/schemas.py +0 -0
  66. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/store.py +0 -0
  67. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/support/__init__.py +0 -0
  68. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/support/build.py +0 -0
  69. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/support/schemas.py +0 -0
  70. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/datastore/types.py +0 -0
  71. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/error.py +0 -0
  72. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/external/__init__.py +0 -0
  73. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/external/generate_mitre.py +0 -0
  74. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/external/generate_sigma_rules.py +0 -0
  75. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/external/generate_tlds.py +0 -0
  76. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/external/reindex_data.py +0 -0
  77. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/external/wipe_databases.py +0 -0
  78. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/gunicorn_config.py +0 -0
  79. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/healthz.py +0 -0
  80. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/__init__.py +0 -0
  81. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/azure.py +0 -0
  82. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/discover.py +0 -0
  83. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/hit.py +0 -0
  84. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/oauth.py +0 -0
  85. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/search.py +0 -0
  86. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/workflow.py +0 -0
  87. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/helper/ws.py +0 -0
  88. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/README.md +0 -0
  89. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/__init__.py +0 -0
  90. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/base.py +0 -0
  91. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/charter.txt +0 -0
  92. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/helper.py +0 -0
  93. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/howler_enum.py +0 -0
  94. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/__init__.py +0 -0
  95. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/action.py +0 -0
  96. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/analytic.py +0 -0
  97. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/assemblyline.py +0 -0
  98. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/aws.py +0 -0
  99. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/azure.py +0 -0
  100. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/cbs.py +0 -0
  101. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/clue.py +0 -0
  102. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/config.py +0 -0
  103. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/dossier.py +0 -0
  104. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/__init__.py +0 -0
  105. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/agent.py +0 -0
  106. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/autonomous_system.py +0 -0
  107. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/client.py +0 -0
  108. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/cloud.py +0 -0
  109. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/code_signature.py +0 -0
  110. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/container.py +0 -0
  111. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/dns.py +0 -0
  112. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/egress.py +0 -0
  113. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/elf.py +0 -0
  114. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/email.py +0 -0
  115. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/error.py +0 -0
  116. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/event.py +0 -0
  117. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/faas.py +0 -0
  118. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/file.py +0 -0
  119. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/geo.py +0 -0
  120. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/group.py +0 -0
  121. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/hash.py +0 -0
  122. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/host.py +0 -0
  123. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/http.py +0 -0
  124. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/ingress.py +0 -0
  125. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/interface.py +0 -0
  126. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/network.py +0 -0
  127. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/observer.py +0 -0
  128. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/organization.py +0 -0
  129. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/os.py +0 -0
  130. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/pe.py +0 -0
  131. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/process.py +0 -0
  132. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/registry.py +0 -0
  133. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/related.py +0 -0
  134. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/rule.py +0 -0
  135. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/server.py +0 -0
  136. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/threat.py +0 -0
  137. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/tls.py +0 -0
  138. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/url.py +0 -0
  139. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/user.py +0 -0
  140. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/user_agent.py +0 -0
  141. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/ecs/vulnerability.py +0 -0
  142. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/gcp.py +0 -0
  143. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/hit.py +0 -0
  144. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/howler_data.py +0 -0
  145. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/lead.py +0 -0
  146. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/localized_label.py +0 -0
  147. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/overview.py +0 -0
  148. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/pivot.py +0 -0
  149. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/template.py +0 -0
  150. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/user.py +0 -0
  151. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/models/view.py +0 -0
  152. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/random_data.py +0 -0
  153. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/odm/randomizer.py +0 -0
  154. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/patched.py +0 -0
  155. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/plugins/__init__.py +0 -0
  156. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/plugins/config.py +0 -0
  157. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/__init__.py +0 -0
  158. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/README.md +0 -0
  159. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/__init__.py +0 -0
  160. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/counters.py +0 -0
  161. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/events.py +0 -0
  162. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/hash.py +0 -0
  163. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/lock.py +0 -0
  164. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/queues/__init__.py +0 -0
  165. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/queues/comms.py +0 -0
  166. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/queues/multi.py +0 -0
  167. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/queues/named.py +0 -0
  168. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/queues/priority.py +0 -0
  169. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/set.py +0 -0
  170. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/remote/datatypes/user_quota_tracker.py +0 -0
  171. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/security/__init__.py +0 -0
  172. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/security/socket.py +0 -0
  173. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/security/utils.py +0 -0
  174. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/__init__.py +0 -0
  175. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/action_service.py +0 -0
  176. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/analytic_service.py +0 -0
  177. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/auth_service.py +0 -0
  178. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/config_service.py +0 -0
  179. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/dossier_service.py +0 -0
  180. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/event_service.py +0 -0
  181. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/hit_service.py +0 -0
  182. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/jwt_service.py +0 -0
  183. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/lucene_service.py +0 -0
  184. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/notebook_service.py +0 -0
  185. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/overview_service.py +0 -0
  186. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/template_service.py +0 -0
  187. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/services/user_service.py +0 -0
  188. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/__init__.py +0 -0
  189. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/annotations.py +0 -0
  190. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/chunk.py +0 -0
  191. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/dict_utils.py +0 -0
  192. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/isotime.py +0 -0
  193. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/list_utils.py +0 -0
  194. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/lucene.py +0 -0
  195. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/path.py +0 -0
  196. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/socket_utils.py +0 -0
  197. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/str_utils.py +0 -0
  198. {howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/utils/uid.py +0 -0
{howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.4
2
2
  Name: howler-api
3
- Version: 3.2.0.dev475
3
+ Version: 3.2.0.dev490
4
4
  Summary: Howler - API server
5
5
  License: MIT
6
6
  Keywords: howler,alerting,gc,canada,cse-cst,cse,cst,cyber,cccs
{howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/howler/api/v1/search.py RENAMED
@@ -10,7 +10,7 @@ from sigma.rule import SigmaRule
10
10
  from werkzeug.exceptions import BadRequest
11
11
  from yaml.scanner import ScannerError
12
12
 
13
- from howler.api import bad_request, make_subapi_blueprint, ok
13
+ from howler.api import bad_request, forbidden, make_subapi_blueprint, ok
14
14
  from howler.common.loader import datastore
15
15
  from howler.common.logging import get_logger
16
16
  from howler.common.swagger import generate_swagger_docs
@@ -25,6 +25,8 @@ search_api._doc = "Perform search queries" # type: ignore
25
25
 
26
26
  logger = get_logger(__file__)
27
27
 
28
+ SENSITIVE_USER_FIELDS = ["password", "apikeys", "*"]
29
+
28
30
 
29
31
  def generate_params(request: Request, fields: list[str], multi_fields: list[str], params: dict[str, Any] | None = None):
30
32
  """Generate a list of parameters, combining the request data and the query arguments"""
@@ -136,6 +138,13 @@ def search(index, **kwargs):
136
138
  if not query:
137
139
  return bad_request(err="There was no search query.")
138
140
 
141
+ if (
142
+ "fl" in params
143
+ and index == "user"
144
+ and any(sensitive_field in params["fl"] for sensitive_field in SENSITIVE_USER_FIELDS)
145
+ ):
146
+ return forbidden(err="Invalid fields to retrieve.")
147
+
139
148
  try:
140
149
  metadata = params.pop("metadata", [])
141
150
  result = collection().search(query, as_obj=False, **params)
@@ -276,6 +285,13 @@ def eql_search(index, **kwargs):
276
285
  if not eql_query:
277
286
  return bad_request(err="There was no EQL search query.")
278
287
 
288
+ if (
289
+ "fl" in params
290
+ and index == "user"
291
+ and any(sensitive_field in params["fl"] for sensitive_field in SENSITIVE_USER_FIELDS)
292
+ ):
293
+ return forbidden(err="Invalid fields to retrieve.")
294
+
279
295
  try:
280
296
  return ok(collection().raw_eql_search(**params))
281
297
  except (SearchException, BadRequestError) as e:
@@ -364,6 +380,13 @@ def sigma_search(index, **kwargs):
364
380
 
365
381
  lucene_queries = LuceneBackend(index_names=[es_collection.index_name]).convert_rule(rule)
366
382
 
383
+ if (
384
+ "fl" in params
385
+ and index == "user"
386
+ and any(sensitive_field in params["fl"] for sensitive_field in SENSITIVE_USER_FIELDS)
387
+ ):
388
+ return forbidden(err="Invalid fields to retrieve.")
389
+
367
390
  try:
368
391
  return ok(es_collection.search("*:*", **params, filters=[*params.get("filters", []), *lucene_queries]))
369
392
  except (SearchException, BadRequestError) as e:
@@ -432,6 +455,13 @@ def group_search(index, group_field, **kwargs):
432
455
  if not group_field:
433
456
  return bad_request(err="The field to group on was not specified.")
434
457
 
458
+ if (
459
+ "fl" in params
460
+ and index == "user"
461
+ and any(sensitive_field in params["fl"] for sensitive_field in SENSITIVE_USER_FIELDS)
462
+ ):
463
+ return forbidden(err="Invalid fields to retrieve.")
464
+
435
465
  try:
436
466
  return ok(collection().grouped_search(group_field, **params))
437
467
  except (SearchException, BadRequestError) as e:
@@ -592,6 +622,9 @@ def facet(index, **kwargs):
592
622
  logger.warning("Invalid field %s requested for faceting, skipping", field)
593
623
  continue
594
624
 
625
+ if index == "user" and any(sensitive_field in field for sensitive_field in SENSITIVE_USER_FIELDS):
626
+ return forbidden(err="Invalid fields to facet on.")
627
+
595
628
  facet_result[field] = collection().facet(field, **params)
596
629
 
597
630
  return ok(facet_result)
@@ -642,6 +675,9 @@ def facet_field(index, field, **kwargs):
642
675
  if field_info is None:
643
676
  return bad_request(err=f"Field '{field}' is not a valid field in index: {index}")
644
677
 
678
+ if index == "user" and any(sensitive_field in field for sensitive_field in SENSITIVE_USER_FIELDS):
679
+ return forbidden(err="Invalid field to facet on.")
680
+
645
681
  fields = ["query", "mincount", "rows"]
646
682
  multi_fields = ["filters"]
647
683
 
{howler_api-3.2.0.dev475 → howler_api-3.2.0.dev490}/pyproject.toml RENAMED
@@ -152,7 +152,7 @@ suppress-none-returning = true
152
152
  [tool.poetry]
153
153
  package-mode = true
154
154
  name = "howler-api"
155
- version = "3.2.0.dev475"
155
+ version = "3.2.0.dev490"
156
156
  description = "Howler - API server"
157
157
  authors = [
158
158
  "Canadian Centre for Cyber Security <howler@cyber.gc.ca>",