From 61fc8e96df9a88c1f8e1f0aa2f72afae67a0b3e9 Mon Sep 17 00:00:00 2001 From: Vincent Roy Date: Mon, 8 Jun 2026 14:03:56 +0200 Subject: [PATCH 1/2] pre-sort map keys in list-item result blocks (deepSort fix) --- .../f5-distributed-cloud-services_tests.yaml | 10 ++-- invary/assets/logs/invary_tests.yaml | 14 +++--- perimeterx/assets/logs/perimeterx_tests.yaml | 2 +- tailscale/assets/logs/tailscale_tests.yaml | 42 ++++++++-------- twingate/assets/logs/twingate_tests.yaml | 6 +-- watchtower_ziris/assets/logs/ziris_tests.yaml | 50 +++++++++---------- 6 files changed, 62 insertions(+), 62 deletions(-) diff --git a/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml b/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml index c946eed26d..495e63d37e 100644 --- a/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml +++ b/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml @@ -617,14 +617,14 @@ tests: severity: "info" signatures: - + accuracy: "medium_accuracy" attack_type: "ATTACK_TYPE_PATH_TRAVERSAL" - matching_info: "Matched 8 characters on offset 0 against value: 'GET /../../../../etc/shadow HTTP/1.1rnhost: demo.xc.f5demo.netr'. " context: "url" - name: "Directory Traversal attempt \"../\" (URI)" - accuracy: "medium_accuracy" id: "200007029" - state: "Enabled" id_name: "200007029, Directory Traversal attempt \"../\" (URI)" + matching_info: "Matched 8 characters on offset 0 against value: 'GET /../../../../etc/shadow HTTP/1.1rnhost: demo.xc.f5demo.netr'. " + name: "Directory Traversal attempt \"../\" (URI)" + state: "Enabled" site: "fr4-fra" sni: "demo.xc.f5demo.net" source: "N:public" @@ -660,8 +660,8 @@ tests: violations: - attack_type: "ATTACK_TYPE_DETECTION_EVASION" - matching_info: "Matched 13 characters on offset 0 against value: '/../../../../etc/shadow'. " context: "url" + matching_info: "Matched 13 characters on offset 0 against value: '/../../../../etc/shadow'. " name: "VIOL_EVASION_DIRECTORY_TRAVERSALS" state: "Enabled" waf_mode: "block" diff --git a/invary/assets/logs/invary_tests.yaml b/invary/assets/logs/invary_tests.yaml index a819814ade..456fed7b23 100644 --- a/invary/assets/logs/invary_tests.yaml +++ b/invary/assets/logs/invary_tests.yaml @@ -58,26 +58,26 @@ tests: custom: checks: - - result: "SUCCESSFUL" name: "required.nodes" - - result: "SUCCESSFUL" - name: "jump.tables" - + name: "jump.tables" result: "SUCCESSFUL" - name: "function.pointers" - + name: "function.pointers" result: "SUCCESSFUL" - name: "task.gates" - + name: "task.gates" result: "SUCCESSFUL" - name: "task.tree" - + name: "task.tree" result: "SUCCESSFUL" - name: "data.nodes" - + name: "data.nodes" result: "SUCCESSFUL" + - name: "nops.table" + result: "SUCCESSFUL" created: "2023-10-19T14:28:52.604920282Z" distribution: codename: "jammy" diff --git a/perimeterx/assets/logs/perimeterx_tests.yaml b/perimeterx/assets/logs/perimeterx_tests.yaml index 07eee6a12a..bf886bb737 100644 --- a/perimeterx/assets/logs/perimeterx_tests.yaml +++ b/perimeterx/assets/logs/perimeterx_tests.yaml @@ -60,8 +60,8 @@ tests: title: "legitimate Request From 45.79.17.102" true_ip_classification: - - name: "Shared IPs" class: "SharedIPs" + name: "Shared IPs" user_agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36" message: |- { diff --git a/tailscale/assets/logs/tailscale_tests.yaml b/tailscale/assets/logs/tailscale_tests.yaml index 9d3989d46b..7e7ac7dfaf 100644 --- a/tailscale/assets/logs/tailscale_tests.yaml +++ b/tailscale/assets/logs/tailscale_tests.yaml @@ -281,59 +281,59 @@ tests: logged: "2022-10-28T22:40:00.290605382Z" physicalTraffic: - - rxBytes: 384 dst: "192.555.66.77:41641" - txBytes: 384 - src: "100.111.44.55:0" + rxBytes: 384 rxPkts: 4 + src: "100.111.44.55:0" + txBytes: 384 txPkts: 4 - - rxBytes: 848 dst: "192.168.0.101:41641" - txBytes: 1136 - src: "100.44.55.66:0" + rxBytes: 848 rxPkts: 3 + src: "100.44.55.66:0" + txBytes: 1136 txPkts: 6 - - rxBytes: 512 dst: "143.110.111.222:41641" - txBytes: 752 - src: "100.99.888.77:0" + rxBytes: 512 rxPkts: 2 + src: "100.99.888.77:0" + txBytes: 752 txPkts: 4 start: "2022-10-28T22:39:51.890385065Z" virtualTraffic: - - rxBytes: 112 dst: "100.111.44.55:63281" - txBytes: 108 - src: "100.111.22.33:21291" proto: 6 + rxBytes: 112 rxPkts: 2 + src: "100.111.22.33:21291" + txBytes: 108 txPkts: 2 - - rxBytes: 728 dst: "100.44.55.66:2049" - txBytes: 900 - src: "100.111.22.33:864" proto: 6 + rxBytes: 728 rxPkts: 3 + src: "100.111.22.33:864" + txBytes: 900 txPkts: 6 - - rxBytes: 432 dst: "100.99.888.77:2049" - txBytes: 596 - src: "100.111.22.33:723" proto: 6 + rxBytes: 432 rxPkts: 2 + src: "100.111.22.33:723" + txBytes: 596 txPkts: 4 - - rxBytes: 112 dst: "100.111.44.55:63280" - txBytes: 108 - src: "100.111.22.33:21291" proto: 6 + rxBytes: 112 rxPkts: 2 + src: "100.111.22.33:21291" + txBytes: 108 txPkts: 2 message: |- { diff --git a/twingate/assets/logs/twingate_tests.yaml b/twingate/assets/logs/twingate_tests.yaml index 5c76a2f3c7..a6d9f7783b 100644 --- a/twingate/assets/logs/twingate_tests.yaml +++ b/twingate/assets/logs/twingate_tests.yaml @@ -163,17 +163,17 @@ tests: transport: "tcp" relays: - - port: 30000 ip: "35.188.149.148" name: "relaybalancer+https://relays.stg.opstg.com" + port: 30000 - - port: 30001 ip: "35.188.149.148" name: "relaybalancer+https://relays.stg.opstg.com" + port: 30001 - - port: 30002 ip: "35.188.149.148" name: "relaybalancer+https://relays.stg.opstg.com" + port: 30002 remote_network: id: "90490" name: "datadog partner" diff --git a/watchtower_ziris/assets/logs/ziris_tests.yaml b/watchtower_ziris/assets/logs/ziris_tests.yaml index e22f75e83a..65227c6cf0 100644 --- a/watchtower_ziris/assets/logs/ziris_tests.yaml +++ b/watchtower_ziris/assets/logs/ziris_tests.yaml @@ -119,92 +119,92 @@ tests: resource: attributes: - + key: "host.arch" value: stringValue: "s390x" - key: "host.arch" - + key: "host.name" value: stringValue: "LPAR" - key: "host.name" - + key: "os.type" value: stringValue: "z_os" - key: "os.type" - + key: "service.name" value: stringValue: "CICSREG" - key: "service.name" - + key: "zos.cics.region_name" value: stringValue: "CICSREG" - key: "zos.cics.region_name" - + key: "zos.subsystem_name" value: stringValue: "CICS" - key: "zos.subsystem_name" - + key: "zos.vtam.application.id" value: stringValue: "CICSAPPL" - key: "zos.vtam.application.id" scopeLogs: - - scope: - name: "com.broadcom.ziris.irontap" - version: "unit-test-version" logRecords: - - severityText: "ERROR" - observedTimeUnixNano: "1693915217590000000" - timeUnixNano: "1776162451356400146" - flags: 1 attributes: - + key: "zos.cics.exception.number" value: intValue: "1" - key: "zos.cics.exception.number" - + key: "zos.cics.exception.resource_id" value: stringValue: "DF007505" - key: "zos.cics.exception.resource_id" - + key: "zos.cics.exception.resource_type" value: stringValue: "TEMPSTOR" - key: "zos.cics.exception.resource_type" - + key: "zos.cics.exception.type" value: stringValue: "BUFFER_WAIT" - key: "zos.cics.exception.type" - + key: "zos.cics.transaction.id" value: stringValue: "TRAN" - key: "zos.cics.transaction.id" - + key: "zos.cics.transaction.number" value: intValue: "41436" - key: "zos.cics.transaction.number" - + key: "zos.cics.transaction.priority" value: stringValue: "000000FA" - key: "zos.cics.transaction.priority" - + key: "zos.cics.transaction.program.name" value: stringValue: "PGMNAME" - key: "zos.cics.transaction.program.name" - + key: "zos.cics.transaction.start_type" value: stringValue: "SD" - key: "zos.cics.transaction.start_type" - + key: "zos.cics.transaction.user_id" value: stringValue: "USER01" - key: "zos.cics.transaction.user_id" - severityNumber: "SEVERITY_NUMBER_ERROR" body: stringValue: | Exception Type: BUFFER_WAIT Exception Resource Type: TEMPSTOR Exception Resource Id: DF007505 Meaning: Wait for buffer associated with DFHTEMP + flags: 1 + observedTimeUnixNano: "1693915217590000000" + severityNumber: "SEVERITY_NUMBER_ERROR" + severityText: "ERROR" + timeUnixNano: "1776162451356400146" + scope: + name: "com.broadcom.ziris.irontap" + version: "unit-test-version" message: |- { "resourceLogs" : [ { From 55584b74c225a9401f2ecbfafe7f2002d98b9b2f Mon Sep 17 00:00:00 2001 From: Vincent Roy Date: Mon, 15 Jun 2026 13:49:17 +0200 Subject: [PATCH 2/2] fix: sort deeply nested map keys inside list items (complete deepSort) --- .../logs/contrast-security-adr_tests.yaml | 16 +- doppler/assets/logs/doppler_tests.yaml | 8 +- .../f5-distributed-cloud-services_tests.yaml | 18 +- .../assets/logs/jamfprotect_tests.yaml | 310 +++++++++--------- lacework/assets/logs/lacework_tests.yaml | 72 ++-- .../logs/loadrunner_professional_tests.yaml | 2 +- vercel/assets/logs/vercel_tests.yaml | 4 +- 7 files changed, 215 insertions(+), 215 deletions(-) diff --git a/contrast_security_adr/assets/logs/contrast-security-adr_tests.yaml b/contrast_security_adr/assets/logs/contrast-security-adr_tests.yaml index f91cbcf105..25a26204b5 100644 --- a/contrast_security_adr/assets/logs/contrast-security-adr_tests.yaml +++ b/contrast_security_adr/assets/logs/contrast-security-adr_tests.yaml @@ -161,21 +161,21 @@ tests: method: "executeQuery()" stack: - - fileName: "ObservationFilterChainDecorator.java" - shortSummary: "wrapFilter() @ ObservationFilterChainDecorator.java:240" + className: "org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter" description: "org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.wrapFilter(ObservationFilterChainDecorator.java:240)" + fileName: "ObservationFilterChainDecorator.java" + lineNumber: 240 methodName: "wrapFilter" - className: "org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter" + shortSummary: "wrapFilter() @ ObservationFilterChainDecorator.java:240" type: "frameCommon" - lineNumber: 240 - - fileName: "ObservationFilterChainDecorator.java" - shortSummary: "doFilter() @ ObservationFilterChainDecorator.java:227" + className: "org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter" description: "org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter.doFilter(ObservationFilterChainDecorator.java:227)" + fileName: "ObservationFilterChainDecorator.java" + lineNumber: 227 methodName: "doFilter" - className: "org.springframework.security.web.ObservationFilterChainDecorator$ObservationFilter" + shortSummary: "doFilter() @ ObservationFilterChainDecorator.java:227" type: "frameCommon" - lineNumber: 227 detectedTime: "1765979488" environment: "production" eventUuid: "1678918a-103f-4030-a416-3b8766e47e19" diff --git a/doppler/assets/logs/doppler_tests.yaml b/doppler/assets/logs/doppler_tests.yaml index 10b0074215..efda4ac9d8 100644 --- a/doppler/assets/logs/doppler_tests.yaml +++ b/doppler/assets/logs/doppler_tests.yaml @@ -29,9 +29,9 @@ tests: title: "Activity Log: wpmULcSfO9sNxKdVUeaO0HK2" type: "services.datadog.connect" usr: + email: "nic.manoogian@doppler.com" name: "Nic Manoogian" profileImageUrl: "https://www.gravatar.com/avatar/7f447a6cfe4f594f91c149b9c9ca872d?s=500&d=retro" - email: "nic.manoogian@doppler.com" username: "nic" workplace: id: "30bd9e7d881446ce1bf8" @@ -78,9 +78,9 @@ tests: title: "Activity Log: fOypzrlnQ6H3OMLq6RV12ZMO" type: "enclave.project.create" usr: + email: "nic.manoogian@doppler.com" name: "Nic Manoogian" profileImageUrl: "https://www.gravatar.com/avatar/7f447a6cfe4f594f91c149b9c9ca872d?s=500&d=retro" - email: "nic.manoogian@doppler.com" username: "nic" workplace: id: "30bd9e7d881446ce1bf8" @@ -141,9 +141,9 @@ tests: title: "Activity Log: Z3XK3tynBCd3u7bzBKJS6ntN" type: "enclave.project.config.secrets.update" usr: + email: "nic.manoogian@doppler.com" name: "Nic Manoogian" profileImageUrl: "https://www.gravatar.com/avatar/7f447a6cfe4f594f91c149b9c9ca872d?s=500&d=retro" - email: "nic.manoogian@doppler.com" username: "nic" workplace: id: "30bd9e7d881446ce1bf8" @@ -189,8 +189,8 @@ tests: type: "team.seat.update" usr: email: "nic.manoogian@doppler.com" - profileImageUrl: "https://www.gravatar.com/avatar/7f447a6cfe4f594f91c149b9c9ca872d?s=500&d=retro" name: "Nic Manoogian" + profileImageUrl: "https://www.gravatar.com/avatar/7f447a6cfe4f594f91c149b9c9ca872d?s=500&d=retro" username: "nic" workplace: id: "30bd9e7d881446ce1bf8" diff --git a/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml b/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml index 495e63d37e..66c0773c04 100644 --- a/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml +++ b/f5-distributed-cloud/assets/logs/f5-distributed-cloud-services_tests.yaml @@ -640,16 +640,16 @@ tests: - "IP" results: - - indicator: "10.10.10.10" additional_data: ipsets: "tor_exit_nodes" ipsets_about: "An ipset made from tor exit nodes updated every 30 minutes." + category: "tor" + indicator: "10.10.10.10" + intention: "unknown" source: name: "Tor Exit Nodes" url: "https://www.dan.me.uk/torlist/?exit" type: "IP" - category: "tor" - intention: "unknown" time: "2024-07-15T09:56:47.281Z" tls_fingerprint: "d0ee3237a14bbd89ca4d2b5356ab20ba" usr: @@ -1062,16 +1062,16 @@ tests: - "IP" results: - - indicator: "10.10.10.10" additional_data: ipsets: "tor_exit_nodes" ipsets_about: "An ipset made from tor exit nodes updated every 30 minutes." + category: "tor" + indicator: "10.10.10.10" + intention: "unknown" source: name: "Tor Exit Nodes" url: "https://www.dan.me.uk/torlist/?exit" type: "IP" - category: "tor" - intention: "unknown" time: "2024-07-15T09:58:23.671Z" tls_fingerprint: "d0ee3237a14bbd89ca4d2b5356ab20ba" usr: @@ -1449,16 +1449,16 @@ tests: - "IP" results: - - indicator: "10.10.10.10" additional_data: ipsets: "tor_exit_nodes" ipsets_about: "An ipset made from tor exit nodes updated every 30 minutes." + category: "tor" + indicator: "10.10.10.10" + intention: "unknown" source: name: "Tor Exit Nodes" url: "https://www.dan.me.uk/torlist/?exit" type: "IP" - category: "tor" - intention: "unknown" time: "2024-07-15T09:58:20.672Z" tls_fingerprint: "d0ee3237a14bbd89ca4d2b5356ab20ba" usr: diff --git a/jamf_protect/assets/logs/jamfprotect_tests.yaml b/jamf_protect/assets/logs/jamfprotect_tests.yaml index 855b54b982..0784f18f8a 100644 --- a/jamf_protect/assets/logs/jamfprotect_tests.yaml +++ b/jamf_protect/assets/logs/jamfprotect_tests.yaml @@ -287,15 +287,15 @@ tests: uuid: "5351804D-6C9C-4AFC-91C2-D20DFB71520F" facts: - - severity: 0 - name: "LoginWindow Activity" actions: - name: "Report" human: "LoginWindow Activity" - uuid: "1302521B-F290-4226-994B-1E7B703818B2" + name: "LoginWindow Activity" + severity: 0 tags: - "LoginWindow" + uuid: "1302521B-F290-4226-994B-1E7B703818B2" severity: 0 tags: - "LoginWindow" @@ -675,11 +675,10 @@ tests: name: "CacheFile" context: - - valueType: "String" name: "Signer" value: "1" - - valueType: "String" + - name: "BundleURLTypes" value: |- { @@ -713,6 +712,7 @@ tests: "msal535d1baf-a26f-4c40-82af-ddf3e1aaebe2" ); } + valueType: "String" custom: false event: dev: 16777220 @@ -728,10 +728,13 @@ tests: uuid: "5E8CD58C-3E93-493C-8AE5-7F0825320D3C" facts: - - severity: 0 + actions: + - + name: "Report" + - + name: "CacheFile" context: - - valueType: "String" name: "BundleURLTypes" value: |- { @@ -765,21 +768,18 @@ tests: "msal535d1baf-a26f-4c40-82af-ddf3e1aaebe2" ); } - - valueType: "String" + - name: "Signer" value: "1" - name: "CustomURLHandlerCreation" - actions: - - - name: "Report" - - - name: "CacheFile" + valueType: "String" human: "Application that uses custom url handler created" - uuid: "25A295CA-F4B3-4F78-8FAA-80E9182645F1" - version: 1 + name: "CustomURLHandlerCreation" + severity: 0 tags: - "Visibility" + uuid: "25A295CA-F4B3-4F78-8FAA-80E9182645F1" + version: 1 severity: 0 tags: - "Visibility" @@ -787,132 +787,132 @@ tests: related: binaries: - - isDownload: false + accessed: 1694870910 + changed: 1694870910 + created: 1694870910 + fsid: 16777220 gid: 0 + inode: 1152921500312338600 + isAppBundle: false + isDirectory: false + isDownload: false + isScreenShot: false + mode: 33261 + modified: 1694870910 + objectType: "GPSystemObject" + path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/shove" + sha1hex: "926f85c4638a65e96660306a5c2969bee093b0d7" + sha256hex: "cef7dbe4c7016a90b0234310751e5bf90362fdb490b3072bf31c319a21362091" signingInfo: - informationStage: "extended" appid: "com.apple.shove" - teamid: "" - signerType: 0 authorities: - "Software Signing" - "Apple Code Signing Certification Authority" - "Apple Root CA" cdhash: "qFnUqCDcaIaYPLT6sq5arHVRTGU=" - statusMessage: "No error." + informationStage: "extended" + signerType: 0 status: 0 - sha1hex: "926f85c4638a65e96660306a5c2969bee093b0d7" - created: 1694870910 + statusMessage: "No error." + teamid: "" + size: 169872 + uid: 0 + - accessed: 1694870910 - objectType: "GPSystemObject" + changed: 1694870910 + created: 1694870910 + fsid: 16777220 + gid: 0 inode: 1152921500312338600 - mode: 33261 - path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/shove" - uid: 0 - size: 169872 isAppBundle: false - fsid: 16777220 - isScreenShot: false - modified: 1694870910 isDirectory: false - changed: 1694870910 - sha256hex: "cef7dbe4c7016a90b0234310751e5bf90362fdb490b3072bf31c319a21362091" - - isDownload: false - gid: 0 + isScreenShot: false + mode: 33261 + modified: 1694870910 + objectType: "GPSystemObject" + path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/installd" + sha1hex: "77ed2e5cd9ddbf875b34f66b1f557c87c4cba019" + sha256hex: "6fd7889dd1f7b8d23575d38e42f1471885c0eaabd3b861ba9cd39cc915bc7fab" signingInfo: - informationStage: "extended" appid: "com.apple.installd" - teamid: "" - signerType: 0 authorities: - "Software Signing" - "Apple Code Signing Certification Authority" - "Apple Root CA" cdhash: "IxnuXBpC3LbYIa7aEyeVEbwA4EA=" - statusMessage: "No error." + informationStage: "extended" + signerType: 0 status: 0 - sha1hex: "77ed2e5cd9ddbf875b34f66b1f557c87c4cba019" - created: 1694870910 - accessed: 1694870910 - objectType: "GPSystemObject" - inode: 1152921500312338600 - mode: 33261 - path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/installd" - uid: 0 + statusMessage: "No error." + teamid: "" size: 170768 - isAppBundle: false + uid: 0 + - + accessed: 1694870910 + changed: 1694870910 + created: 1694870910 fsid: 16777220 - isScreenShot: false - modified: 1694870910 + gid: 0 + inode: 1152921500312272500 + isAppBundle: false isDirectory: false - changed: 1694870910 - sha256hex: "6fd7889dd1f7b8d23575d38e42f1471885c0eaabd3b861ba9cd39cc915bc7fab" - - isDownload: false - gid: 0 + isScreenShot: false + mode: 33261 + modified: 1694870910 + objectType: "GPSystemObject" + path: "/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstoreagent" + sha1hex: "8bbb0d63013ef49a91ba21f4b444500b50eacbb4" + sha256hex: "b889e42e0ce42e95f562734747c29daa025cc68aa90b437c3776911a035c5cda" signingInfo: - informationStage: "extended" appid: "com.apple.appstoreagent" - teamid: "" - signerType: 0 authorities: - "Software Signing" - "Apple Code Signing Certification Authority" - "Apple Root CA" cdhash: "TTJop1RfQMDz/9Qea+ZkMnglX2k=" - statusMessage: "No error." + informationStage: "extended" + signerType: 0 status: 0 - sha1hex: "8bbb0d63013ef49a91ba21f4b444500b50eacbb4" - created: 1694870910 - accessed: 1694870910 - objectType: "GPSystemObject" - inode: 1152921500312272500 - mode: 33261 - path: "/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstoreagent" - uid: 0 + statusMessage: "No error." + teamid: "" size: 10927456 - isAppBundle: false - fsid: 16777220 - isScreenShot: false - modified: 1694870910 - isDirectory: false - changed: 1694870910 - sha256hex: "b889e42e0ce42e95f562734747c29daa025cc68aa90b437c3776911a035c5cda" + uid: 0 files: - - isDownload: false + accessed: 1698111995 + changed: 1698777693 + created: 1698111995 + fsid: 16777220 gid: 0 + inode: 1042830981 + isAppBundle: true + isDirectory: true + isDownload: false + isScreenShot: false + mode: 16877 + modified: 1698111995 + objectType: "GPSystemObject" + path: "/Applications/Notability.app" + sha1hex: "" + sha256hex: "" signingInfo: - informationStage: "extended" appid: "com.gingerlabs.Notability" - teamid: "ZP9ZJ4EF3S" - signerType: 1 authorities: - "Apple Mac OS Application Signing" - "Apple Worldwide Developer Relations Certification Authority" - "Apple Root CA" cdhash: "Wav623Wy9m3YgLPqnNSDUvdbl4E=" - statusMessage: "No error." + informationStage: "extended" + signerType: 1 status: 0 - sha1hex: "" - created: 1698111995 - accessed: 1698111995 - objectType: "GPSystemObject" - inode: 1042830981 - mode: 16877 - path: "/Applications/Notability.app" - uid: 0 + statusMessage: "No error." + teamid: "ZP9ZJ4EF3S" size: 96 - isAppBundle: true - fsid: 16777220 + uid: 0 xattrs: - "com.apple.appstore.metadata" - isScreenShot: false - modified: 1698111995 - isDirectory: true - changed: 1698777693 - sha256hex: "" groups: - gid: 0 @@ -924,25 +924,6 @@ tests: uuid: "C02FL155MD6M14" processes: - - gid: 0 - signingInfo: - informationStage: "extended" - appid: "com.apple.shove" - teamid: "" - signerType: 0 - authorities: - - "Software Signing" - - "Apple Code Signing Certification Authority" - - "Apple Root CA" - cdhash: "qFnUqCDcaIaYPLT6sq5arHVRTGU=" - statusMessage: "No error." - status: 0 - rgid: 0 - pgid: 29993 - pid: 29993 - ruid: 0 - uuid: "BE40DCBE-069A-4F69-93B1-0AB046717713" - ppid: 831 args: - "/System/Library/PrivateFrameworks/PackageKit.framework/Resources/shove" - "-f" @@ -951,81 +932,100 @@ tests: - "Applications/Notability.app" - "/Library/InstallerSandboxes/.PKInstallSandboxManager/B94EACDA-EF4E-4D0D-89F4-1D69A7E47CCF.activeSandbox/Root" - "/" - path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/shove" - uid: 0 - originalParentPID: 831 - responsiblePID: 835 - name: "shove" exitCode: 0 + gid: 0 + name: "shove" + originalParentPID: 831 + path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/shove" + pgid: 29993 + pid: 29993 + ppid: 831 processIdentifier: 13372855 processType: "GPSystemObject" - startTimestamp: 1698777694 - - - gid: 0 + responsiblePID: 835 + rgid: 0 + ruid: 0 signingInfo: - informationStage: "extended" - appid: "com.apple.installd" - teamid: "" - signerType: 0 + appid: "com.apple.shove" authorities: - "Software Signing" - "Apple Code Signing Certification Authority" - "Apple Root CA" - cdhash: "IxnuXBpC3LbYIa7aEyeVEbwA4EA=" - statusMessage: "No error." + cdhash: "qFnUqCDcaIaYPLT6sq5arHVRTGU=" + informationStage: "extended" + signerType: 0 status: 0 - rgid: 0 - pgid: 831 - pid: 831 - ruid: 0 - uuid: "6B7192A1-976A-4BF1-AC03-046908543C67" - ppid: 1 + statusMessage: "No error." + teamid: "" + startTimestamp: 1698777694 + uid: 0 + uuid: "BE40DCBE-069A-4F69-93B1-0AB046717713" + - args: - "/System/Library/PrivateFrameworks/PackageKit.framework/Resources/installd" - path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/installd" - uid: 0 - originalParentPID: 1 - responsiblePID: 835 + gid: 0 name: "installd" + originalParentPID: 1 + path: "/System/Library/PrivateFrameworks/PackageKit.framework/Versions/A/Resources/installd" + pgid: 831 + pid: 831 + ppid: 1 processIdentifier: 1982 processType: "GPSystemObject" - startTimestamp: 1697719388 - - - gid: 20 + responsiblePID: 835 + rgid: 0 + ruid: 0 signingInfo: - informationStage: "extended" - appid: "com.apple.appstoreagent" - teamid: "" - signerType: 0 + appid: "com.apple.installd" authorities: - "Software Signing" - "Apple Code Signing Certification Authority" - "Apple Root CA" - cdhash: "TTJop1RfQMDz/9Qea+ZkMnglX2k=" - statusMessage: "No error." + cdhash: "IxnuXBpC3LbYIa7aEyeVEbwA4EA=" + informationStage: "extended" + signerType: 0 status: 0 - rgid: 20 - pgid: 835 - pid: 835 - ruid: 502 - uuid: "80837E49-FF73-4DF2-BF45-BC792A0089F8" + statusMessage: "No error." + teamid: "" + startTimestamp: 1697719388 + uid: 0 + uuid: "6B7192A1-976A-4BF1-AC03-046908543C67" + - args: - "/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstoreagent" - path: "/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstoreagent" - uid: 502 - responsiblePID: 835 + gid: 20 name: "appstoreagent" + path: "/System/Library/PrivateFrameworks/AppStoreDaemon.framework/Support/appstoreagent" + pgid: 835 + pid: 835 processIdentifier: 2001 processType: "GPSystemObject" + responsiblePID: 835 + rgid: 20 + ruid: 502 + signingInfo: + appid: "com.apple.appstoreagent" + authorities: + - "Software Signing" + - "Apple Code Signing Certification Authority" + - "Apple Root CA" + cdhash: "TTJop1RfQMDz/9Qea+ZkMnglX2k=" + informationStage: "extended" + signerType: 0 + status: 0 + statusMessage: "No error." + teamid: "" startTimestamp: 1697719388 + uid: 502 + uuid: "80837E49-FF73-4DF2-BF45-BC792A0089F8" users: - - uid: 0 name: "root" + uid: 0 uuid: "C02FL155MD6M0" - - uid: 502 name: "matthew.ward" + uid: 502 uuid: "C02FL155MD6M1f6" network: client: diff --git a/lacework/assets/logs/lacework_tests.yaml b/lacework/assets/logs/lacework_tests.yaml index 64a74a6b00..3fcfab1ae6 100644 --- a/lacework/assets/logs/lacework_tests.yaml +++ b/lacework/assets/logs/lacework_tests.yaml @@ -105,71 +105,71 @@ tests: EVENT_DETAILS: data: - - START_TIME: "2019-11-06T18:00:00Z" END_TIME: "2019-11-06T19:00:00Z" - EVENT_MODEL: "CloudTrailCep" - EVENT_TYPE: "IAMPolicyChanged" ENTITY_MAP: + API: + - + API: "AttachUserPolicy" + SERVICE: "iam.amazonaws.com" + mapConfig: + API: "AttachUserPolicy" + SERVICE: "iam.amazonaws.com" + - + API: "DetachUserPolicy" + SERVICE: "iam.amazonaws.com" + mapConfig: + API: "DetachUserPolicy" + SERVICE: "iam.amazonaws.com" + Region: + - + ACCOUNT_LIST: + - "631664038012" + REGION: "us-east-1" + mapConfig: + ACCOUNT_LIST: + - "631664038012" + REGION: "us-east-1" Resource: - + NAME: "policyArn" VALUE: "arn:aws:iam::aws:policy/AmazonEC2FullAccess" mapConfig: - VALUE: "arn:aws:iam::aws:policy/AmazonEC2FullAccess" NAME: "policyArn" - NAME: "policyArn" + VALUE: "arn:aws:iam::aws:policy/AmazonEC2FullAccess" - + NAME: "policyArn" VALUE: "arn:aws:iam::aws:policy/AmazonS3FullAccess" mapConfig: - VALUE: "arn:aws:iam::aws:policy/AmazonS3FullAccess" NAME: "policyArn" - NAME: "policyArn" + VALUE: "arn:aws:iam::aws:policy/AmazonS3FullAccess" - + NAME: "userName" VALUE: "demowed06nov19180003" mapConfig: - VALUE: "demowed06nov19180003" NAME: "userName" - NAME: "userName" + VALUE: "demowed06nov19180003" - + NAME: "userName" VALUE: "demowed06nov19183002" mapConfig: - VALUE: "demowed06nov19183002" NAME: "userName" - NAME: "userName" - Region: - - - ACCOUNT_LIST: - - "631664038012" - mapConfig: - ACCOUNT_LIST: - - "631664038012" - REGION: "us-east-1" - REGION: "us-east-1" - API: - - - SERVICE: "iam.amazonaws.com" - API: "AttachUserPolicy" - mapConfig: - SERVICE: "iam.amazonaws.com" - API: "AttachUserPolicy" - - - SERVICE: "iam.amazonaws.com" - API: "DetachUserPolicy" - mapConfig: - SERVICE: "iam.amazonaws.com" - API: "DetachUserPolicy" + VALUE: "demowed06nov19183002" SourceIpAddress: - - COUNTRY: "United States" CITY: "Portland" + COUNTRY: "United States" IP_ADDRESS: "34.220.57.225" + REGION: "Oregon" mapConfig: - COUNTRY: "United States" CITY: "Portland" + COUNTRY: "United States" IP_ADDRESS: "34.220.57.225" REGION: "Oregon" - REGION: "Oregon" EVENT_ACTOR: "Aws" EVENT_ID: "24421" + EVENT_MODEL: "CloudTrailCep" + EVENT_TYPE: "IAMPolicyChanged" + START_TIME: "2019-11-06T18:00:00Z" EVENT_ID: 24421 EVENT_NAME: "IAM Policy Changed" EVENT_TYPE: "IAMPolicyChanged" diff --git a/loadrunner_professional/assets/logs/loadrunner_professional_tests.yaml b/loadrunner_professional/assets/logs/loadrunner_professional_tests.yaml index e72c0ba422..58ce19ff8e 100644 --- a/loadrunner_professional/assets/logs/loadrunner_professional_tests.yaml +++ b/loadrunner_professional/assets/logs/loadrunner_professional_tests.yaml @@ -16,8 +16,8 @@ tests: version: "2024.1.0.0" scripts: - - path: "C:\\Users\\user1\\Desktop\\WebHttpHtml1" name: "webhttphtml1" + path: "C:\\Users\\user1\\Desktop\\WebHttpHtml1" type: "Multi+QTWeb" summary: goal_profile_name: "Schedule 1" diff --git a/vercel/assets/logs/vercel_tests.yaml b/vercel/assets/logs/vercel_tests.yaml index c8ffe17596..580699343f 100644 --- a/vercel/assets/logs/vercel_tests.yaml +++ b/vercel/assets/logs/vercel_tests.yaml @@ -62,10 +62,10 @@ tests: url_host: "verceltb-9hrosuv8e-zaphodBeeblebrox-dd.vercel.app" message: "START RequestId: 85ea8a46-d63e-4fe3-ad03-ade7c16cd36b Version: $LATEST END RequestId: 85ea8a46-d63e-4fe3-ad03-ade7c16cd36b REPORT RequestId: 85ea8a46-d63e-4fe3-ad03-ade7c16cd36b Duration: 0.58 ms Billed Duration: 1 ms Memory Size: 1024 MB Max Memory Used: 31 MB" service: "projectName.vercel.app" + span_id: "1012381427123789198737891237891" + status: "ok" tags: - "source:LOGS_SOURCE" timestamp: "2021-08-24T15:43:17.812Z" trace_id: "85ea8a46-d63e-4fe3-ad03-ade7c16cd36b" - span_id: "1012381427123789198737891237891" -