Merge remote-tracking branch 'github_origin/develop' into gitlab_rele…

…ase_v4.31.0

.gitmodules

@@ -1,4 +1,4 @@
 [submodule "contentctl"]
 	path = contentctl
 	url = https://github.com/splunk/contentctl.git
-        ignore = all
+	ignore = all

README.md

@@ -99,4 +99,4 @@ Unless required by applicable law or agreed to in writing, software
 distributed under the License is distributed on an "AS IS" BASIS,
 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 See the License for the specific language governing permissions and
-limitations under the License.
+limitations under the License.

contentctl.yml

@@ -6,7 +6,9 @@ app:
   version: 4.30.0
   description: Explore the Analytic Stories included with ES Content Updates.
   prefix: ESCU
-  label: ESCU
+  build: 004210
+  version: 4.30.0
+  label: ES Content Updates
   author_name: Splunk Threat Research Team
   author_email: [email protected]
   author_company: Splunk

dist/DA-ESS-ContentUpdate/default/app.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2024-04-29T18:21:14 UTC
+# On Date: 2024-04-17T22:08:10 UTC
 # Author: Splunk Threat Research Team - Splunk
 # Contact: [email protected]
 #############
@@ -10,7 +10,7 @@
 is_configured = false
 state = enabled
 state_change_requires_restart = false
-build = 20240429182108
+build = 20240417220604
 
 [triggers]
 reload.analytic_stories = simple

dist/DA-ESS-ContentUpdate/default/collections.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2024-04-29T18:21:14 UTC
+# On Date: 2024-04-17T22:08:10 UTC
 # Author: Splunk Threat Research Team - Splunk
 # Contact: [email protected]
 #############

dist/DA-ESS-ContentUpdate/default/content-version.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2024-04-29T18:21:14 UTC
+# On Date: 2024-04-17T22:08:10 UTC
 # Author: Splunk Threat Research Team - Splunk
 # Contact: [email protected]
 #############

dist/DA-ESS-ContentUpdate/default/es_investigations.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2024-04-29T18:21:14 UTC
+# On Date: 2024-04-17T22:08:10 UTC
 # Author: Splunk Threat Research Team - Splunk
 # Contact: [email protected]
 #############

dist/DA-ESS-ContentUpdate/default/macros.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2024-04-29T18:21:14 UTC
+# On Date: 2024-04-17T22:08:10 UTC
 # Author: Splunk Threat Research Team - Splunk
 # Contact: [email protected]
 #############

dist/DA-ESS-ContentUpdate/default/transforms.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2024-04-29T18:21:14 UTC
+# On Date: 2024-04-17T22:08:10 UTC
 # Author: Splunk Threat Research Team - Splunk
 # Contact: [email protected]
 #############

dist/DA-ESS-ContentUpdate/default/workflow_actions.conf

@@ -1,6 +1,6 @@
 #############
 # Automatically generated by generator.py in splunk/security_content
-# On Date: 2024-04-29T18:21:14 UTC
+# On Date: 2024-04-17T22:08:10 UTC
 # Author: Splunk Threat Research Team - Splunk
 # Contact: [email protected]
 #############

dist/api/version.json

@@ -1 +1 @@
-{"version": {"name": "v4.30.0", "published_at": "2024-04-17T22:02:33Z"}}
+{"version": {"name": "v4.30.0", "published_at": "2024-04-17T22:11:55Z"}}

requirements.txt

@@ -1,20 +1,20 @@
 attackcti==0.3.9
 docker==6.1.3
-GitPython==3.1.37
-Jinja2==3.1.2
-jsonschema==4.19.1
+GitPython==3.1.43
+Jinja2==3.1.3
+jsonschema==4.21.1
 mock==4.0.3
-psutil==5.9.5
+psutil==5.9.8
 pycvesearch==1.2
 pydantic==1.10.8
-pysigma==0.9.8
-pysigma-backend-splunk==1.0.2
-pytest==7.4.2
+pysigma==0.11.4
+pysigma-backend-splunk==1.1.0
+pytest==7.4.4
 PyYAML>=5.4.1
 questionary==1.10.0
 requests==2.31.0
 six==1.16.0
 splunk-sdk==1.7.4
-wrapt-timeout-decorator==1.3.12.2
+wrapt-timeout-decorator==1.5.1
 xmltodict==0.13.0