From 42c1fc071ce2ff0592a842b272e101a15a446e99 Mon Sep 17 00:00:00 2001
From: Matt <35928174+StackAppsFinland@users.noreply.github.com>
Date: Fri, 24 Nov 2023 11:40:23 +0200
Subject: [PATCH] Update imports to osodevops
---
 ast.go | 2 +-
 condition_parser.go | 2 +-
 evaluator/aggregators/memory.go | 4 ++--
 evaluator/benchmarks_test.go | 4 ++--
 evaluator/evaluate.go | 4 +++-
 evaluator/evaluate_aggregation.go | 2 +-
 evaluator/evaluate_search.go | 4 ++--
 evaluator/evaluate_test.go | 2 +-
 evaluator/fieldmappings_test.go | 2 +-
 evaluator/fuzz.go | 2 +-
 evaluator/index_test.go | 2 +-
 evaluator/options.go | 2 +-
 12 files changed, 17 insertions(+), 15 deletions(-)
diff --git a/ast.go b/ast.go
index 5509dea..650d906 100644
--- a/ast.go
+++ b/ast.go
@@ -6,7 +6,7 @@ import (
 "gopkg.in/yaml.v3"
- "github.com/bradleyjkemp/sigma-go/internal/grammar"
+ "github.com/osodevops/sigma-go/internal/grammar"
 )
 type Condition struct {
diff --git a/condition_parser.go b/condition_parser.go
index 6ac63a8..a050d27 100644
--- a/condition_parser.go
+++ b/condition_parser.go
@@ -3,7 +3,7 @@ package sigma
 import (
 "github.com/alecthomas/participle"
 "github.com/alecthomas/participle/lexer"
- "github.com/bradleyjkemp/sigma-go/internal/grammar"
+ "github.com/osodevops/sigma-go/internal/grammar"
 )
 var (
diff --git a/evaluator/aggregators/memory.go b/evaluator/aggregators/memory.go
index f19ae29..030ad0d 100644
--- a/evaluator/aggregators/memory.go
+++ b/evaluator/aggregators/memory.go
@@ -5,8 +5,8 @@ import (
 "sync"
 "time"
- "github.com/bradleyjkemp/sigma-go/evaluator"
- "github.com/bradleyjkemp/sigma-go/internal/slidingstatistics"
+ "github.com/osodevops/sigma-go/evaluator"
+ "github.com/osodevops/sigma-go/internal/slidingstatistics"
 )
 type inMemory struct {
diff --git a/evaluator/benchmarks_test.go b/evaluator/benchmarks_test.go
index 73b8c3e..19c8a42 100644
--- a/evaluator/benchmarks_test.go
+++ b/evaluator/benchmarks_test.go
@@ -5,8 +5,8 @@ import (
 "encoding/json"
 "testing"
- "github.com/bradleyjkemp/sigma-go"
- "github.com/bradleyjkemp/sigma-go/evaluator"
+ "github.com/osodevops/sigma-go"
+ "github.com/osodevops/sigma-go/evaluator"
 )
 const testRule = `
diff --git a/evaluator/evaluate.go b/evaluator/evaluate.go
index 745b7e9..da5b434 100644
--- a/evaluator/evaluate.go
+++ b/evaluator/evaluate.go
@@ -5,7 +5,7 @@ import (
 "encoding/json"
 "fmt"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 type RuleEvaluator struct {
@@ -30,6 +30,7 @@ type RuleEvaluator struct {
 // For example, if a Sigma rule has a condition like this (attempting to detect login brute forcing)
 //
 // detection:
+//
 // login_attempt:
 // # something here
 // condition:
@@ -40,6 +41,7 @@ type RuleEvaluator struct {
 // Each different GroupedByValues points to a different box.
 //
 // GroupedByValues
+//
 // ||
 // ___↓↓___ ________
 // | User A | | User B |
diff --git a/evaluator/evaluate_aggregation.go b/evaluator/evaluate_aggregation.go
index 0b64d75..286e392 100644
--- a/evaluator/evaluate_aggregation.go
+++ b/evaluator/evaluate_aggregation.go
@@ -5,7 +5,7 @@ import (
 "fmt"
 "strconv"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 func (rule RuleEvaluator) evaluateAggregationExpression(ctx context.Context, conditionIndex int, aggregation sigma.AggregationExpr, event Event) (bool, error) {
diff --git a/evaluator/evaluate_search.go b/evaluator/evaluate_search.go
index 844e506..c1a0e0e 100644
--- a/evaluator/evaluate_search.go
+++ b/evaluator/evaluate_search.go
@@ -4,14 +4,14 @@ import (
 "context"
 "encoding/json"
 "fmt"
- "github.com/bradleyjkemp/sigma-go/evaluator/modifiers"
+ "github.com/osodevops/sigma-go/evaluator/modifiers"
 "path"
 "reflect"
 "regexp"
 "strings"
 "github.com/PaesslerAG/jsonpath"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 func (rule RuleEvaluator) evaluateSearchExpression(search sigma.SearchExpr, searchResults map[string]bool) bool {
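Review bot: The rewritten `github.com/osodevops/sigma-go/evaluator/modifiers` import in evaluate_search.go resolves to this repository only if go.mod declares `module github.com/osodevops/sigma-go`, and the diffstat for this commit lists no go.mod change; the same applies to the `internal/grammar` and `internal/slidingstatistics` imports in ast.go, condition_parser.go and evaluator/aggregators/memory.go. If the module line still names the old path, these packages are treated as an external dependency, so the build would presumably either reject the `internal/` imports or compile whatever is published at that path instead of the code in this tree. Please confirm go.mod (and go.sum, if the fork is also consumed as a dependency) was updated in a separate commit, and that no file outside the twelve listed here still imports the old path, because the two paths produce distinct, incompatible `sigma` types. As a style point, the modifiers import is still between `"fmt"` and `"path"` in the standard-library group; goimports would place it in the last group next to `"github.com/osodevops/sigma-go"`.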
diff --git a/evaluator/evaluate_test.go b/evaluator/evaluate_test.go
index 797aea1..e003f27 100644
--- a/evaluator/evaluate_test.go
+++ b/evaluator/evaluate_test.go
@@ -4,7 +4,7 @@ import (
 "context"
 "testing"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 func TestRuleEvaluator_Matches(t *testing.T) {
diff --git a/evaluator/fieldmappings_test.go b/evaluator/fieldmappings_test.go
index db541d3..857ba35 100644
--- a/evaluator/fieldmappings_test.go
+++ b/evaluator/fieldmappings_test.go
@@ -4,7 +4,7 @@ import (
 "context"
 "testing"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 func TestRuleEvaluator_HandlesBasicFieldMappings(t *testing.T) {
diff --git a/evaluator/fuzz.go b/evaluator/fuzz.go
index a4dd8d3..78d2422 100644
--- a/evaluator/fuzz.go
+++ b/evaluator/fuzz.go
@@ -4,7 +4,7 @@ import (
 "context"
 "encoding/json"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 const testRule = `
diff --git a/evaluator/index_test.go b/evaluator/index_test.go
index 2c1d259..af50fc5 100644
--- a/evaluator/index_test.go
+++ b/evaluator/index_test.go
@@ -5,7 +5,7 @@ import (
 "fmt"
 "testing"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 func TestRuleEvaluator_RelevantToEvent_LogsourceRewriting(t *testing.T) {
diff --git a/evaluator/options.go b/evaluator/options.go
index 4684e54..34cb4c2 100644
--- a/evaluator/options.go
+++ b/evaluator/options.go
@@ -3,7 +3,7 @@ package evaluator
 import (
 "context"
- "github.com/bradleyjkemp/sigma-go"
+ "github.com/osodevops/sigma-go"
 )
 type Option func(*RuleEvaluator)