Xiaokui Shu
Xiaokui Shu
**Describe the bug** ``` procs = GET process FROM file:///tmp/lab101.json WHERE parent_ref.name = 'svchost.exe' START 2021-04-03T00:00:00Z STOP 2021-04-03T02:00:00Z procs_grps = GROUP procs BY binary_ref.name WITH COUNT(pid) AS number_of_procs APPLY python://attribute-plot...
The project URL on http://hackage.haskell.org/package/jupyter is currently`http://github.com/gibiansky/haskell-jupyter`, which should be `https://github.com/gibiansky/jupyter-haskell`.
1) update to latest LTS 13.28 with GHC-8.6.5 2) test build passed with zeromq-4.3.1
Currently `http` is hard-coded as the protocol talking to Elasticsearch. It will be great if we have SSL/HTTPS support.
`requests` used at [raft.py](https://github.com/opencybersecurityalliance/firepit/blob/develop/firepit/raft.py#L11) seems missing in [requirement specification](https://github.com/opencybersecurityalliance/firepit/blob/develop/setup.py#L13).
While doing a [small refactoring](https://github.com/opencybersecurityalliance/kestrel-lang/pull/379) for `commands.py` in Kestrel, I find an existing unit test does not behave as I thought. The unit test: https://github.com/opencybersecurityalliance/kestrel-lang/blob/develop/tests/test_timestamped.py#L85 The huntflow to reproduce the...
## Done 1. Add relation resolution tables 2. Add multi-column support to RefComparison (matching both `pid` and `endpoint.id` for identifying `process`) - Update instruction and comparison data structure - Upgrade...
**Describe the bug** Currently `self.variable_map` is used at `_KestrelT` to record the type of variable for later use. This is OK as long as the variable is defined in the...
**Is your feature request related to a problem? Please describe.** When evaluating with multiple interfaces, we will store the results of one interface in cache, then give the reference of...
**Describe the bug** - Currently we have `m`, `minute`, and `minutes` for minute, and we may need `min` as well. - Same for second, it may be good to add...