contentctl
Splunk Content Control Tool
Updates the requirements on [requests](https://github.com/psf/requests) to permit the latest version. Release notes Sourced from requests's releases. v2.32.2 2.32.2 (2024-05-21) Deprecations To provide a more stable migration for custom HTTPAdapters impacted...
Updates the requirements on [setuptools](https://github.com/pypa/setuptools) to permit the latest version. Changelog Sourced from setuptools's changelog. v70.0.0 Features Emit a warning when [tools.setuptools] is present in pyproject.toml and will be ignored....
I've created some custom alert_action to add additional support for PagerDuty and Jira. I have a feeling these applications are popular enough that this feature would benefit the wider contentctl...
Add an additional field to savedsearches.conf called `request.ui_dispatch_app = SplunkEnterpriseSecuritySuite` This ensures proper tracking/accounting for the context under which searches run in-app. There are a number of changes to other...
I am new to using ContentCTL, and other than what is in the Readme, I've been unable to find any more documentation to help. For example, how do I configure...
Experimental support for dashboards as first-class SecurityContentObjects.
This set of changes adds acs_deploy functionality to contentctl 4.x. It is mostly a port and cleanup of how it was implemented in contentctl 3.x. It also addresses some warnings...
# Context * As part of PEX-363, we wanted to expand integration testing to validate risk message content * If invalid fields are referenced in the risk message, they will...
Resolve dependabot PRs and update dependencies: https://github.com/splunk/contentctl/pull/141 https://github.com/splunk/contentctl/pull/140
When creating a correlation search manually via the GUI in Splunk Enterprise Security, the annotations are created without spaces. An example: `{"cis20":["CIS 10"],"kill_chain_phases":["Exploitation"],"mitre_attack":["T1003.001","T1003"],"nist":["DE.CM"],"confidence":90,"impact":90,"analytic_story":["Credential Dumping"]}` The same query done via ESCU...