xbase-util 0.4.5__tar.gz → 0.4.6__tar.gz
- {xbase_util-0.4.5 → xbase_util-0.4.6}/PKG-INFO +1 -1
- {xbase_util-0.4.5 → xbase_util-0.4.6}/setup.py +1 -1
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/dangerous_util.py +1 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util.egg-info/PKG-INFO +1 -1
- {xbase_util-0.4.5 → xbase_util-0.4.6}/README.md +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/setup.cfg +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/__init__.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/add_column_util.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/__init__.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/bean/ConfigBean.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/bean/CurrentConfigBean.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/bean/FlowBean.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/bean/TaskTemplateBean.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/bean/__init__.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/dao/ConfigDao.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/dao/CurrentConfigDao.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/dao/FlowDao.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/dao/TaskTemplateDao.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/dao/__init__.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/db/initsqlite3.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/es_db_util.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/esreq.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/geo_util.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/handle_features_util.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/packet_util.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/pcap_util.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/xbase_constant.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util/xbase_util.py +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util.egg-info/SOURCES.txt +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util.egg-info/dependency_links.txt +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util.egg-info/not-zip-safe +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util.egg-info/top_level.txt +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util_assets/GeoLite2-City.mmdb +0 -0
- {xbase_util-0.4.5 → xbase_util-0.4.6}/xbase_util_assets/arkimeparse.js +0 -0
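--- a/xbase_util/dangerous_util.py
+++ b/xbase_util/dangerous_util.py
@@ -88,6 +88,7 @@ sourcetype=changting:waf
 | rex field=_raw "\\"action\\":\\"(?<DENY_METHOD>[^\\"]+)\\""
 | rex field=_raw "\\"reason\\":\\"(?<THREAT_SUMMARY>[^\\"]+)\\""
 | rex field=_raw "\\"risk_level\\":\\"(?<SEVERITY>[^\\"]+)\\""
+| eval THREAT_TIME = strftime(strptime(THREAT_TIME, "%Y-%m-%dT%H:%M:%S"), "%Y-%m-%d %H:%M:%S")
 | dedup THREAT_TIME,SIP,S_PORT,DIP,D_PORT,XFF_IP,PROTOCOL
 | table THREAT_TIME,SIP,S_PORT,DIP,D_PORT,XFF_IP,PROTOCOL,DENY_METHOD,THREAT_SUMMARY,SEVERITY
 """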
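Review bot: The added `eval` overwrites THREAT_TIME with null whenever `strptime` cannot parse the value, for example when the field is missing or the WAF emits a different timestamp layout. Because the next command is `dedup THREAT_TIME,...` and dedup drops events with a null key field by default, those WAF events would silently disappear from the result table. Keeping the raw value as a fallback avoids that blind spot: `| eval THREAT_TIME = coalesce(strftime(strptime(THREAT_TIME, "%Y-%m-%dT%H:%M:%S"), "%Y-%m-%d %H:%M:%S"), THREAT_TIME)`. The format string also carries no timezone, so the value is presumably read in the searching user's timezone; it is worth confirming this matches what the WAF logs. The extraction of THREAT_TIME and the start of the query string are outside this hunk.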
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|
File without changes
|