8000 Handle VAST matcher CLI changes in pyvast-threatbus by 0snap · Pull Request #109 · tenzir/threatbus · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
This repository was archived by the owner on May 29, 2024. It is now read-only.

Handle VAST matcher CLI changes in pyvast-threatbus #109

Merged
merged 5 commits into from
Apr 12, 2021
Merged

Handle VAST matcher CLI changes in pyvast-threatbus #109

merged 5 commits into from
Apr 12, 2021

Conversation

0snap
Copy link
Contributor
@0snap 0snap commented Apr 6, 2021
edited
Loading

📔 Description

The VAST matcher is now available as plugin. That rewrite led to a CLI change.

This PR updates pyvast-threatbus to use the correct CLI options to work with the VAST matcher plugin. It also fixes a small bug where the wrong function name was called for mapping matcher results to STIX-2 sightings.

📝 Checklist

  • All user-facing changes have changelog entries.
  • The changes are reflected on docs.tenzir.com/threatbus, if necessary.
  • The PR description contains instructions for the reviewer, if necessary.

🎯 Review Instructions

@0snap 0snap force-pushed the story/ch22903 branch 2 times, most recently from 55c6d5b to c8bbd2b Compare April 8, 2021 14:47
@0snap 0snap added bug Incorrect behavior maintenance 8000 Tasks for keeping up the infrastructure labels Apr 8, 2021
@0snap 0snap marked this pull request as ready for review April 8, 2021 14:55
@0snap 0snap requested review from mavam, tobim and dominiklohmann April 12, 2021 10:32
@dominiklohmann dominiklohmann self-assigned this Apr 12, 2021
dominiklohmann
dominiklohmann approved these changes Apr 12, 2021
View reviewed changes
Copy link
Member
@dominiklohmann dominiklohmann left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I ran this locally and can confirm that the tests work with a recent build of VAST with the Matcher plugin.

We should think about running these tests as part of the Matcher CI. Obviously this cannot happen directly in this repository, but having the tests automated would save a lot of time in future reviews.

I'm approving this PR as-is, but please reword the first changelog entry as I suggested.

@0snap 0snap merged commit b6e59a8 into master Apr 12, 2021
@0snap 0snap deleted the story/ch22903 branch April 12, 2021 11:46
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@dominiklohmann dominiklohmann dominiklohmann approved these changes

@mavam mavam Awaiting requested review from mavam

@tobim tobim Awaiting requested review from tobim

Assignees

@dominiklohmann dominiklohmann

Labels
bug Incorrect behavior maintenance Tasks for keeping up the infrastructure
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@0snap @dominiklohmann
0