fix(getopendbl): rename "cidr" column to "cidr_range"
to avoid confusion with match_type CIDR() in lookup definition
parent
f0d9ad0ecb
commit
7529622fb2
|
@ -19,7 +19,7 @@ Provide custom search commands to update [malware-filter](https://gitlab.com/mal
|
||||||
|
|
||||||
Releases are available at https://gitlab.com/malware-filter/splunk-malware-filter/-/releases
|
Releases are available at https://gitlab.com/malware-filter/splunk-malware-filter/-/releases
|
||||||
|
|
||||||
Instruction to build the latest commit is available at the [Build](#build) section.
|
Instruction to build the main branch is available at the [Build](#build) section.
|
||||||
|
|
||||||
## Usage
|
## Usage
|
||||||
|
|
||||||
|
@ -141,7 +141,7 @@ Recommend to update the lookup file "opendbl_ip.csv" every 15 minutes (cron `*/1
|
||||||
| outputlookup override_if_empty=false opendbl_ip.csv
|
| outputlookup override_if_empty=false opendbl_ip.csv
|
||||||
```
|
```
|
||||||
|
|
||||||
| start | end | netmask | cidr | name | updated |
|
| start | end | netmask | cidr_range | name | updated |
|
||||||
| --------------- | --------------- | ------- | ------------------ | ----------------------------------------- | -------------------- |
|
| --------------- | --------------- | ------- | ------------------ | ----------------------------------------- | -------------------- |
|
||||||
| 187.190.252.167 | 187.190.252.167 | 32 | 187.190.252.167/32 | Emerging Threats: Known Compromised Hosts | 2023-01-30T08:03:00Z |
|
| 187.190.252.167 | 187.190.252.167 | 32 | 187.190.252.167/32 | Emerging Threats: Known Compromised Hosts | 2023-01-30T08:03:00Z |
|
||||||
| 89.248.163.0 | 89.248.163.255 | 24 | 89.248.163.0/24 | Dshield | 2023-01-30T08:01:00Z |
|
| 89.248.163.0 | 89.248.163.255 | 24 | 89.248.163.0/24 | Dshield | 2023-01-30T08:01:00Z |
|
||||||
|
|
|
@ -56,7 +56,7 @@ class GetOpenDBL(Utility, GeneratingCommand):
|
||||||
"start": line,
|
"start": line,
|
||||||
"end": line,
|
"end": line,
|
||||||
"netmask": "32",
|
"netmask": "32",
|
||||||
"cidr": f"{line}/32",
|
"cidr_range": f"{line}/32",
|
||||||
"name": name,
|
"name": name,
|
||||||
"updated": updated,
|
"updated": updated,
|
||||||
}
|
}
|
||||||
|
@ -64,7 +64,7 @@ class GetOpenDBL(Utility, GeneratingCommand):
|
||||||
if "-" in line:
|
if "-" in line:
|
||||||
row["start"], row["end"] = line.split("-")
|
row["start"], row["end"] = line.split("-")
|
||||||
row["netmask"] = 24
|
row["netmask"] = 24
|
||||||
row["cidr"] = f"{row['start']}/{row['netmask']}"
|
row["cidr_range"] = f"{row['start']}/{row['netmask']}"
|
||||||
|
|
||||||
if (
|
if (
|
||||||
isinstance(self.custom_message, str)
|
isinstance(self.custom_message, str)
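Review bot: In the range branch (`if "-" in line:`), `cidr_range` is built from `row['start']` with a hard-coded `/24`, and nothing visible checks that `start`–`end` really is an aligned /24. Since this column is the one the lookup's CIDR match runs against, a feed line with a different span would silently produce a block that is too wide or too narrow. Consider validating before the row is emitted, e.g. `ipaddress.ip_network(row["cidr_range"], strict=True)` (raises `ValueError` when host bits are set; needs `import ipaddress` if the file lacks it), and skipping or logging lines that fail. Separately, `line.split("-")` raises on a line with more than one hyphen, and `netmask` is the int `24` here but the string `"32"` in the dict above. The enclosing method starts and ends outside both hunks.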
|
||||||
|
|
2
build.py
2
build.py
|
@ -50,7 +50,7 @@ def exclusion(tarinfo):
|
||||||
# exclude certain folders/files
|
# exclude certain folders/files
|
||||||
pathname = tarinfo.name
|
pathname = tarinfo.name
|
||||||
if search(
|
if search(
|
||||||
r"/\.|\\\.|__pycache__|pyproject.toml|requirements-dev.txt|build.py", pathname
|
r"/\.|\\\.|__pycache__|pyproject.toml|requirements-dev.txt|build.py|tar.gz", pathname
|
||||||
):
|
):
|
||||||
return None
|
return None
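Review bot: The new `tar.gz` alternative in the `search(...)` pattern is unanchored and its dot is unescaped, so it drops any member whose path merely contains `tar`, one arbitrary character and `gz`, not only built archives. `\.tar\.gz$` would limit the exclusion to paths that end in that suffix. The same looseness applies to the existing `build.py` alternative, which also matches a name such as `rebuild.py`; an over-broad exclusion silently omits files from the packaged app. `exclusion` begins before this hunk and continues after it.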
|
||||||
|
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
ip,message,updated
|
|
|
@ -0,0 +1 @@
|
||||||
|
first_seen_utc,dst_ip,dst_port,c2_status,last_online,malware,updated
|
|
|
@ -0,0 +1 @@
|
||||||
|
start,end,netmask,cidr_range,name,updated
|
|
|
@ -0,0 +1 @@
|
||||||
|
host,path,message,updated
|
|
|
@ -0,0 +1 @@
|
||||||
|
host,path,message,updated
|
|
|
@ -0,0 +1 @@
|
||||||
|
host,path,message,updated
|
|
|
@ -0,0 +1 @@
|
||||||
|
host,path,message,updated
|
|