release-1038

sigsci_TA_for_splunk/README.txt

@@ -9,4 +9,81 @@ This is an add-on powered by the Splunk Add-on Builder.
 /opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
 /opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
 /opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
-/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+# Binary File Declaration
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-64.exe: this file does not require any source code
+# Binary File Declaration
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-64.exe: this file does not require any source code
+# Binary File Declaration
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+# Binary File Declaration
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-32.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-64.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
+/opt/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+# Binary File Declaration
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli.exe: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-32.exe: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-32.exe: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-64.exe: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
+/home/ntyze/git/splunk/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-64.exe: this file does not require any source code
+# Binary File Declaration
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-32.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-32.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-64.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-64.exe: this file does not require any source code
+# Binary File Declaration
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/pvectorc.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/markupsafe/_speedups.cpython-37m-x86_64-linux-gnu.so: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-32.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-32.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-arm64.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-64.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui-arm64.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/gui.exe: this file does not require any source code
+/home/ntyze/splunk/dep/splunk/var/data/tabuilder/package/sigsci_TA_for_splunk/bin/sigsci_ta_for_splunk/aob_py3/setuptools/cli-64.exe: this file does not require any source code

sigsci_TA_for_splunk/README/inputs.conf.spec

@@ -1,8 +1,21 @@
-[SigsciEvent://<name>]
-site_api_name = This is the Site API Name. It should not be a URL.
-
 [SigsciRequests://<name>]
 site_api_name = This is the API Name of the site to pull request data from. This should not be a URL.
+request_limit = The amount of request objects returned in the array. Default: 100. Max:1000
+disable_catchup = Disables catch-up behavior. Request feed will always be ingested from now and the delta (and offset). We recommend keeping this as checked for request feeds with large amounts of requests.
+twenty_hour_catchup = In the event the last time stored is >24hours the TA will try can try and catch-up from exactly 24 hours ago, otherwise resets to now - delta. Disable catchup must be false in order to work.
+attack_and_anomaly_signals_only = Only retrieves requests that contain attack or anomaly signals. Please evaluate your signal configuration if there are overly inclusive signals creating excessive requests.
+request_timeout = Configures Request Timeout for HTTP operations. Consider increasing if on a slow connection or pagination batches are large.
+read_timeout = Configures Read Timeout for HTTP operations. Consider increasing if on a slow connection or pagination batches are large.
+
+[SigsciEvent://<name>]
+site_api_name = This is the Site API Name. It should not be a URL.
+disable_catchup = Time is always set based from now - delta (Interval). Recommended to be True. Default: True.
+twenty_hour_catchup = If last stored timestamp was over 24 hours, resets to exactly 24 hours ago instead to meet API limitations.
+request_timeout = Configures Request Timeout for HTTP operations. Consider increasing if on a slow connection or pagination batches are large.
+read_timeout = Configured Read Timeout for HTTP operations. Consider increasing if on a slow connection or pagination batches are large.
 
 [SigsciActivity://<name>]
-place_holder = It was required to have one option even if it isn't needed. You can skip this one.
+disable_catchup = 
+twenty_hour_catchup = 
+request_timeout = Configures Request Timeout for HTTP operations. Consider increasing if on a slow connection or pagination batches are large.
+read_timeout = Configures Read Timeout for HTTP operations. Consider increasing if on a slow connection or pagination batches are large.

sigsci_TA_for_splunk/app.manifest

@@ -5,7 +5,7 @@
     "id": {
       "group": null,
       "name": "sigsci_TA_for_splunk",
-      "version": "1.0.37"
+      "version": "1.0.38"
     },
     "author": [
       {