Mirrors/marcredhat-siem-toolkit-patched
1
0
Fork 0
mirror of https://github.com/marcredhat/SIEM-toolkit-patched synced 2026-06-11 05:41:19 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
2eea2d9510128ecdda665305b7f90172784786c2
marcredhat-siem-toolkit-pat…/backend
T
History
marc 2eea2d9510 Parser Test Runner: filter non-parser SDL artefacts from dropdown 
SDL /logParsers/ also returns UEBA analytics tables, saved searches and
dashboard configs. They are not valid Test Runner inputs and pollute the
dropdown. Filter list_parser_files in two tiers:

  1) Name denylist (ueba_*, searches, *_baselines_*, *_features_*,
     *_scores_*, bsi-*, *-overview, smoke/test tables).
  2) Content scan: file must contain attributes:/patterns:/formats:/
     patternRefs:/rewrites:/parser: in the first 4 KB.

Observed result on a representative tenant: 97 files -> 41 real parsers,
with 0 false positives and 0 false negatives.
2026-05-22 21:12:47 +02:00
..
routers
Parser Test Runner: filter non-parser SDL artefacts from dropdown
2026-05-22 21:12:47 +02:00
services
Cherry-pick improvements from PR #2 (marcredhat)
2026-05-22 10:11:42 -04:00
db.py
Add health score, coverage trends, dependency map, PowerQuery playground, onboarding tracker
2026-05-22 11:09:43 -04:00
Dockerfile
Initial commit: SIEM Toolkit for SentinelOne
2026-05-19 11:39:26 -04:00
main.py
Add health score, coverage trends, dependency map, PowerQuery playground, onboarding tracker
2026-05-22 11:09:43 -04:00
requirements.txt
Initial commit: SIEM Toolkit for SentinelOne
2026-05-19 11:39:26 -04:00