pyth0n1c
pyth0n1c
add publish_date field to action.correlationsearch.metadata Date should be the epoch time of Detection.date @ midnight, UTC. It should be a whole number and expressed as a float.
~Prep for release v4.2~ This branch has been remapped to 4.3. 4.2 will contain only the release version of the data_source implementation
We still have some use of the `@validator` decorator in our Pydantic Objects. This is deprecated in Pydantic2+, so we should look at removing it in favor of `@field_validator` or...
it is now calculated using the risk score. Note that we may apply this to confidence field as well after discussion
Add an extra, missing field to the lookup.py model called max_matches that was accidentally dropped. set extra='forbid' for SecurityContentObject This PR is on hold pending significant, structural changes to Detection...
`Enterprise Security Roles Do Not Exist` printed out even if --enable-integration-testing is not passed on command line. We should not print this warning if we do not expect ES to...
Extended validation for lookups to include inputlookup and outputlookup. This required a few content modifications and creation of new lookups. Since we have a large number of detections that now...
set extra='forbid' to catch erroneously included fields in high leve ymls. This is a change to the pydantic model schema in the following PR: https://github.com/splunk/contentctl/pull/208
Using the flag --suppress-missing-content-exceptions during metadata validation will allow validation to succeed even if content has been removed. This is important to support both the removal of content, if this...