rubinatorz
commented
10 months ago Hi @RobbeVandenDaele
The applicable_to value should be a list. So if you convert for example:
- applicable_to: WAF
to
- applicable_to: [WAF]
And do that for all items, then it should work.
The Editor is quite strict in this. The CLI python tool is more tolerant, but will give a warning:
[!] The below YAML file contains possible errors. It's recommended to check via the '--health' argument.
And if you do a health check, you'll see:
[!] Technique ID: T1190 the key-value pair 'applicable_to' in 'detection' is NOT a list
Hi,
I have a techniques file with a lot of detections related to certain data sources per technique. When I try to upload the file in the DeTT&CT Editor I get errors saying "A duplicate value for 'applicable_to' was found within the detection section if technique: ''"
When checking the file, I do not find any duplicate value for the 'applicable_to' property within one technique. I also see that the 'applicable_to' field that is being shown in the error is not the real 'applicable_to' field but only the first character:
Can it be that this is a bug in the editor? Or is my techniques file really not correct? I will drop my techniques file so the issue can be reproduced. techniques_new.txt
Thank you in advance. Kind regards Robbe