ananyalahiri2003 / sigma_attack

Repo to work with Sigma Rules

logical flaw in text extraction #4

Closed priamai closed 2 months ago

priamai commented 3 months ago

You have to pay attention in this function:


```python
def extract_data_points(parsed_list, fields):
    extracted = []
    for datum in parsed_list:
        record = {}
        # Copy the requested fields, defaulting to None when absent
        for field in fields:
            if field in datum:
                record[field] = datum[field]
            else:
                record[field] = None
        try:
            # A missing key raises KeyError here, so record['text'] is never set
            description = datum["description"]
            falsepositives = datum["falsepositives"]
            combined = f"{description} {falsepositives}"
            combined = clean_text(combined)  # helper not shown in this thread
            record['text'] = combined
        except Exception as e:
            print(f"Could not created combined text: {e}")
        # The record is appended even when the try block failed
        extracted.append(record)
    return extracted
```

If the false positive field or description is missing, the record will have no text; therefore it should not be appended to the extracted list.

ananyalahiri2003 commented 2 months ago

Thanks, now added logic to not append if either field is missing.
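One way the fix discussed in this thread could look, as an added example that is not the repository's code or either commenter's. The `clean_text` body, the `_as_text` helper, the `(extracted, skipped)` return value and the sample rules are assumptions made for illustration. It goes slightly beyond the thread by also skipping fields that are present but empty (`None` or an empty list), which the original f-string would have turned into text such as `"... None"`.

```python
import re

def clean_text(text):
    # Stand-in for the repo's clean_text helper (assumed): collapse whitespace
    return re.sub(r"\s+", " ", text).strip()

def _as_text(value):
    """Hypothetical helper: non-empty text from a str or list of str, else None."""
    if isinstance(value, str):
        parts = [value]
    elif isinstance(value, (list, tuple)):
        parts = [str(v) for v in value if v is not None]
    else:
        return None
    joined = " ".join(p.strip() for p in parts if p.strip())
    return joined or None

def extract_data_points(parsed_list, fields):
    """Keep only rules that have both description and falsepositives text.

    Returns (extracted, skipped); skipped holds (index, missing_fields) pairs
    so dropped rules can be audited instead of vanishing silently.
    """
    extracted, skipped = [], []
    for idx, datum in enumerate(parsed_list):
        description = _as_text(datum.get("description"))
        falsepositives = _as_text(datum.get("falsepositives"))
        missing = [name for name, val in
                   (("description", description),
                    ("falsepositives", falsepositives)) if val is None]
        if missing:
            skipped.append((idx, missing))
            continue  # no usable text, so the record is not appended
        record = {field: datum.get(field) for field in fields}
        record["text"] = clean_text(f"{description} {falsepositives}")
        extracted.append(record)
    return extracted, skipped

# Constructed sample rules covering the edge cases
SAMPLE_RULES = [
    {"title": "A", "description": "Detects  foo",
     "falsepositives": ["Admin activity", "Backup jobs"]},
    {"title": "B", "description": "Detects bar"},                  # key absent
    {"title": "C", "description": "Detects baz", "falsepositives": None},
    {"title": "D", "falsepositives": ["Unknown"]},                 # no description
]
```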

ananyalahiri2003 commented 2 months ago

Sorry, will let you close this issue

priamai commented 2 months ago

Ahah thanks!
