target / huntlib

A Python library to help with some common threat hunting data analysis operations
MIT License

Fix truthiness of 'limit=0' #5

Closed gregbuehler closed 4 years ago

gregbuehler commented 5 years ago

If limit (and thereby count) is passed as 0, this returns an unlimited result set that does use the oneshot job.

This resolves #4

gregbuehler commented 4 years ago

Just for clarification, getting a complete result set requires passing limit as 0, but since 0 is evaluated as false it uses the wrong search type.
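
The truthiness pitfall described in the comment above, shown as an added example that is not part of this pull request or of huntlib's code. The function names and the `oneshot`/`fallback` job labels are hypothetical, and the meaning of `count=0` (complete result set) is taken from the comments on this page.

```python
from typing import Optional

# Hypothetical job labels for this illustration; not huntlib or Splunk SDK names.
ONESHOT = "oneshot"
FALLBACK = "fallback"


def plan_search_buggy(limit: Optional[int] = None) -> dict:
    """Truthiness test: limit=0 is treated the same as 'no limit given'."""
    if limit:  # 0 is falsy, so an explicit 0 falls through
        return {"job": ONESHOT, "count": limit}
    return {"job": FALLBACK}


def plan_search_fixed(limit: Optional[int] = None) -> dict:
    """Identity test: only a missing limit takes the fallback path."""
    if limit is None:
        return {"job": FALLBACK}
    # bool is a subclass of int; reject it so True/False cannot pass as a count
    if isinstance(limit, bool) or not isinstance(limit, int) or limit < 0:
        raise ValueError(f"limit must be a non-negative integer, got {limit!r}")
    return {"job": ONESHOT, "count": limit}  # count=0 asks for the complete set


def divergent_limits(candidates):
    """Return the candidate limits for which the two planners disagree."""
    return [c for c in candidates
            if plan_search_buggy(c) != plan_search_fixed(c)]


if __name__ == "__main__":
    # Constructed sample inputs
    for value in (None, 0, 1, 5000):
        print(value, plan_search_buggy(value), plan_search_fixed(value))
    print("diverge at:", divergent_limits([None, 0, 1, 5000]))
```

The two planners agree on every input except the edge value `0`, which is why a test suite that only exercises positive limits does not catch the wrong search type.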

DavidJBianco commented 4 years ago

Due to updates in 0.4.0/0.4.5 SplunkDF code, this is no longer necessary, as the code has been extensively rewritten.