sigma-cve relationships failing bug

muchdogesec / arango_cti_processor

A small script that creates relationships between common CTI knowledge-bases in STIX 2.1 format.

https://www.dogesec.com/

Apache License 2.0

3 stars 0 forks source link

sigma-cve relationships failing bug #17

Closed himynamesdave closed 3 months ago

himynamesdave commented 3 months ago

https://github.com/muchdogesec/arango_cti_processor/blob/adding-tests/tests/README.md#test-80-test-sigma-rule-indicator-to-cve-vulnerability

test is failing

        RETURN LENGTH(
          FOR doc IN sigma_rules_edge_collection
            FILTER doc._is_latest == true
            AND doc._arango_cti_processor_note == "sigma-cve"
            RETURN [doc]
        )

returns 0 results after test is run, suggesting no sros created.

fqrious commented 3 months ago

the files are outdated, sigma2stix no longer use labels but instead uses external_references. and that's why nothing was uploaded

himynamesdave commented 3 months ago

closing for #18