diff --git a/Makefile b/Makefile
index 097c8a8a322..88f7e370b3a 100644
--- a/Makefile
+++ b/Makefile
@@ -2,6 +2,7 @@
 ### detection-rules
 #################
+APP_NAME := detection-rules
 VENV := ./env/detection-rules-build
 VENV_BIN := $(VENV)/bin
 PYTHON := $(VENV_BIN)/python
@@ -26,7 +27,7 @@ deps: $(VENV)
 $(PIP) install lib/kql
 .PHONY: hunting-deps
-deps: $(VENV)
+hunting-deps: $(VENV)
 @echo "Installing all dependencies..."
 $(PIP) install .[hunting]
@@ -58,13 +59,13 @@ test-remote-cli: $(VENV) deps
 @./detection_rules/etc/test_remote_cli.bash
 .PHONY: test-hunting-cli
-test-remote-cli: $(VENV) hunting-deps
+test-hunting-cli: $(VENV) hunting-deps
 @echo "Executing test_hunting_cli script..."
 @./detection_rules/etc/test_hunting_cli.bash
 .PHONY: release
 release: deps
- @echo "RELEASE: $(app_name)"
+ @echo "RELEASE: $(APP_NAME)"
 $(PYTHON) -m detection_rules dev build-release --generate-navigator
 rm -rf dist
 mkdir dist
diff --git a/detection_rules/etc/test_hunting_cli.bash b/detection_rules/etc/test_hunting_cli.bash
index 834ea6238d0..bb7d7a765db 100755
--- a/detection_rules/etc/test_hunting_cli.bash
+++ b/detection_rules/etc/test_hunting_cli.bash
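Review bot: In the `hunting-deps` recipe (second Makefile hunk) the extras spec reaches the shell unquoted, so `.[hunting]` is treated as a glob pattern: a one-letter dotfile such as `.h` in the repository root would be substituted for it, and a shell with strict no-match handling rejects the line outright. Quote it as `$(PIP) install '.[hunting]'`. The echo line under the renamed target still says "Installing all dependencies..." although the recipe installs only the `hunting` extra; `@echo "Installing hunting dependencies..."` would keep build logs unambiguous.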
@@ -15,11 +15,11 @@ echo "Refreshing index"
 python -m hunting refresh-index
 echo "Generating Markdown: initial_access_higher_than_average_failed_authentication.toml"
-python -m hunting generate-markdown /Users/tdejesus/code/src/detection-rules/hunting/okta/queries/initial_access_higher_than_average_failed_authentication.toml
+python -m hunting generate-markdown hunting/okta/queries/initial_access_higher_than_average_failed_authentication.toml
 echo "Running Query: low_volume_external_network_connections_from_process.toml"
 echo "Requires .detection-rules-cfg.json credentials file set."
-python -m hunting run-query --file-path /Users/tdejesus/code/src/detection-rules/hunting/linux/queries/low_volume_external_network_connections_from_process.toml --all
+python -m hunting run-query --file-path hunting/linux/queries/low_volume_external_network_connections_from_process.toml --all
 echo "Viewing Hunt: 12526f14-5e35-4f5f-884c-96c6a353a544"
 python -m hunting view-hunt --uuid 12526f14-5e35-4f5f-884c-96c6a353a544 --format json
diff --git a/hunting/markdown.py b/hunting/markdown.py
index 9a139e8f84c..19c0c57995e 100644
--- a/hunting/markdown.py
+++ b/hunting/markdown.py
@@ -93,7 +93,7 @@ def update_or_add_entry(self, hunt_config: Hunt, toml_path: Path) -> None:
 entry = {
 'name': hunt_config.name,
- 'path': f"./{toml_path.relative_to(self.base_path).as_posix()}",
+ 'path': f"./{toml_path.resolve().relative_to(self.base_path).as_posix()}",
 'mitre': hunt_config.mitre
 }
diff --git a/pyproject.toml b/pyproject.toml
index 4878ac6c3f0..626282605a3 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [project]
 name = "detection_rules"
-version = "1.2.12"
+version = "1.2.13"
 description = "Detection Rules is the home for rules used by Elastic Security. This repository is used for the development, maintenance, testing, validation, and release of rules for Elastic Security’s Detection Engine."
 readme = "README.md"
 requires-python = ">=3.12"
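Review bot: The new repo-relative arguments to `generate-markdown` and `run-query --file-path` resolve against the caller's working directory, so the script now works only when started from the repository root, as the Makefile's `./detection_rules/etc/test_hunting_cli.bash` invocation does. The top of the script is outside this hunk; if it does not already change directory, add `cd "$(dirname "${BASH_SOURCE[0]}")/../.."` near the top so a direct invocation from elsewhere behaves the same. Because the `run-query ... --all` step depends on the `.detection-rules-cfg.json` credentials, a comment above it such as `# executes against the stack configured in .detection-rules-cfg.json; point this at a test stack` would make the expected target explicit.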
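Review bot: The new `'path'` line resolves only one side of the comparison, so `toml_path.resolve().relative_to(self.base_path)` raises `ValueError` whenever `self.base_path` is itself relative or reaches the repository through a symlink. Where `base_path` is assigned is outside this hunk; if it is not already resolved there, use `toml_path.resolve().relative_to(self.base_path.resolve())`. The same `ValueError` is raised for a TOML file that resolves outside the hunting tree, which is a useful containment check but currently surfaces as a bare traceback; an `except ValueError` that names the offending path would make the rejection readable. `update_or_add_entry` starts and ends outside the hunk.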