chg: [app] Renamed query-comparison with query-mirror

This commit is contained in:
Sami Mokaddem 2024-07-04 08:46:08 +02:00
parent 9b0cb51643
commit f0d079ea32
4 changed files with 16 additions and 15 deletions

View file

@ -10,7 +10,7 @@ from typing import Union
import jq
import db
from inject_evaluator import eval_data_filtering, eval_query_comparison
from inject_evaluator import eval_data_filtering, eval_query_mirror
import misp_api
import config
from config import logger
@ -352,10 +352,10 @@ def inject_checker_router(user_id: int, inject_evaluation: dict, data: dict, con
if inject_evaluation['evaluation_strategy'] == 'data_filtering':
return eval_data_filtering(user_id, inject_evaluation, data_to_validate)
elif inject_evaluation['evaluation_strategy'] == 'query_comparison':
elif inject_evaluation['evaluation_strategy'] == 'query_mirror':
expected_data = data_to_validate['expected_data']
data_to_validate = data_to_validate['data_to_validate']
return eval_query_comparison(user_id, expected_data, data_to_validate)
return eval_query_mirror(user_id, expected_data, data_to_validate)
return False
@ -364,9 +364,9 @@ def get_data_to_validate(user_id: int, inject_evaluation: dict, data: dict) -> U
if inject_evaluation['evaluation_strategy'] == 'data_filtering':
event_id = parse_event_id_from_log(data)
data_to_validate = fetch_data_for_data_filtering(event_id=event_id)
elif inject_evaluation['evaluation_strategy'] == 'query_comparison':
elif inject_evaluation['evaluation_strategy'] == 'query_mirror':
perfomed_query = parse_performed_query_from_log(data)
data_to_validate = fetch_data_for_query_comparison(user_id, inject_evaluation, perfomed_query)
data_to_validate = fetch_data_for_query_mirror(user_id, inject_evaluation, perfomed_query)
return data_to_validate
@ -419,7 +419,7 @@ def fetch_data_for_data_filtering(event_id=None) -> Union[None, dict]:
return data
def fetch_data_for_query_comparison(user_id: int, inject_evaluation: dict, perfomed_query: dict) -> Union[None, dict]:
def fetch_data_for_query_mirror(user_id: int, inject_evaluation: dict, perfomed_query: dict) -> Union[None, dict]:
data = None
authkey = db.USER_ID_TO_AUTHKEY_MAPPING[user_id]
if perfomed_query is not None:

View file

@ -119,7 +119,7 @@
}
],
"result": "Published 48h retreived",
"evaluation_strategy": "query_comparison",
"evaluation_strategy": "query_mirror",
"evaluation_context": {
"request_is_rest": true,
"query_context": {
@ -134,7 +134,7 @@
}
],
"name": "Get Published in the past 48h",
"target_tool": "MISP-query",
"target_tool": "MISP",
"uuid": "e2216993-6192-4e7c-ae30-97cfe9de61b4"
},
{
@ -150,7 +150,7 @@
}
],
"result": "IP CSV retrieved",
"evaluation_strategy": "query_comparison",
"evaluation_strategy": "query_mirror",
"evaluation_context": {
"request_is_rest": true,
"query_context": {
@ -165,7 +165,7 @@
}
],
"name": "IP IoCs changed in the past 48h in CSV",
"target_tool": "MISP-query",
"target_tool": "MISP",
"uuid": "caf68c86-65ed-4df3-99b8-7e346fa498ba"
},
{
@ -180,7 +180,7 @@
}
],
"result": "20 Attribute tagged retrieved",
"evaluation_strategy": "query_comparison",
"evaluation_strategy": "query_mirror",
"evaluation_context": {
"request_is_rest": true,
"query_context": {
@ -195,7 +195,7 @@
}
],
"name": "First 20 Attribute with TLP lower than `amber`",
"target_tool": "MISP-query",
"target_tool": "MISP",
"uuid": "3e96fb13-4aba-448c-8d79-efb93392cc88"
},
{
@ -209,7 +209,7 @@
}
],
"result": "Phising counted",
"evaluation_strategy": "query_comparison",
"evaluation_strategy": "query_mirror",
"evaluation_context": {
"request_is_rest": true,
"query_context": {
@ -224,7 +224,7 @@
}
],
"name": "Event count with `Phishing - T1566` involved",
"target_tool": "MISP-query",
"target_tool": "MISP",
"uuid": "1da0fdc8-9d0d-4618-a811-66491e196833"
}
]

View file

@ -219,6 +219,7 @@
}
],
"name": "Event Creation",
"description": "Create an Event containing `ransomware`",
"target_tool": "MISP",
"uuid": "8e8dbda2-0f5e-4101-83ff-63c1ddda2cae"
},

View file

@ -145,5 +145,5 @@ def eval_data_filtering(user_id: int, inject_evaluation: dict, data: dict) -> bo
## Query comparison
##
def eval_query_comparison(user_id: int, expected_data, data_to_validate) -> bool:
def eval_query_mirror(user_id: int, expected_data, data_to_validate) -> bool:
return expected_data == data_to_validate