Update LQL to LEQL

rapid7 · Oct 11, 2023 · f5dcc3a · f5dcc3a
1 parent cace5e0
commit f5dcc3a
Show file tree

Hide file tree

Showing 5 changed files with 9 additions and 9 deletions.
diff --git a/plugins/rapid7_insightidr/.CHECKSUM b/plugins/rapid7_insightidr/.CHECKSUM
@@ -1,5 +1,5 @@
 {
-	"spec": "fd1e8649dc24a0cce31879a7721ad6a0",
+	"spec": "dfe4ce59e40a49cdc6a72fbfa12efb82",
 	"manifest": "b552bbd85165215cb8ca8febaeca721a",
 	"setup": "3abc4ed8b408538efeee0e32e2ff2a5f",
 	"schemas": [
@@ -9,11 +9,11 @@
 		},
 		{
 			"identifier": "advanced_query_on_log/schema.py",
-			"hash": "f1d32e056457d19771171df670c3d57e"
+			"hash": "218cf52cbd4460b58be9610d7cc34556"
 		},
 		{
 			"identifier": "advanced_query_on_log_set/schema.py",
-			"hash": "158fc26ccfcd79e2b2f5a265b92934e9"
+			"hash": "b24ca76d99515523d4a9ded71a4dd275"
 		},
 		{
 			"identifier": "assign_user_to_investigation/schema.py",

diff --git a/plugins/rapid7_insightidr/help.md b/plugins/rapid7_insightidr/help.md
@@ -117,7 +117,7 @@ Realtime query an InsightIDR log. This will query individual logs for results
 |Name|Type|Default|Required|Description|Enum|Example|
 | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
 |log|string|None|True|Log to search|None|Firewall Activity|
-|query|string|None|True|LQL Query|None|where(user=adagentadmin, loose)|
+|query|string|None|True|LEQL Query|None|where(user=adagentadmin, loose)|
 |relative_time|string|Last 5 Minutes|True|A relative time in the past to look for alerts|['Last 5 Minutes', 'Last 10 Minutes', 'Last 20 Minutes', 'Last 30 Minutes', 'Last 45 Minutes', 'Last 1 Hour', 'Last 2 Hours', 'Last 3 Hours', 'Last 6 Hours', 'Last 12 Hours', 'Use Time From Value']|Last 5 Minutes|
 |time_from|string|None|False|Beginning date and time for the query. This will be ignored unless Relative Time input is set to 'Use Time From Value'. The format is flexible and will work with simple dates (e.g. 01-01-2020) to full ISO time (e.g. 01-01-2020T00:00:00)|None|01-01-2020T00:00:00|
 |time_to|string|None|False|Date and time for the end of the query. If left blank, the current time will be used. The format is flexible and will work with simple dates (e.g. 01-01-2020) to full ISO time (e.g. 01-01-2020T00:00:00)|None|12-31-2020T00:00:00|
@@ -215,7 +215,7 @@ Realtime query an InsightIDR log set. This will query entire log sets for result
 |Name|Type|Default|Required|Description|Enum|Example|
 | :--- | :--- | :--- | :--- | :--- | :--- | :--- |
 |log_set|string|None|True|Log Set to search|['Advanced Malware Alert', 'Active Directory Admin Activity', 'Asset Authentication', 'Cloud Service Admin Activity', 'Cloud Service Activity', 'DNS Query', 'Endpoint Activity', 'Endpoint Agent', 'Exploit Mitigation Alert', 'File Access Activity', 'File Modification Activity', 'Firewall Activity', 'Network Flow', 'Host To IP Observations', 'IDS Alert', 'Ingress Authentication', 'Raw Log', 'SSO Authentication', 'Unparsed Data', 'Third Party Alert', 'Virus Alert', 'Web Proxy Activity']|Firewall Activity|
-|query|string|None|True|LQL Query|None|where(user=adagentadmin, loose)|
+|query|string|None|True|LEQL Query|None|where(user=adagentadmin, loose)|
 |relative_time|string|Last 5 Minutes|True|A relative time in the past to look for alerts|['Last 5 Minutes', 'Last 10 Minutes', 'Last 20 Minutes', 'Last 30 Minutes', 'Last 45 Minutes', 'Last 1 Hour', 'Last 2 Hours', 'Last 3 Hours', 'Last 6 Hours', 'Last 12 Hours', 'Use Time From Value']|Last 5 Minutes|
 |time_from|string|None|False|Beginning date and time for the query. This will be ignored unless Relative Time input is set to 'Use Time From Value'. The format is flexible and will work with simple dates (e.g. 01-01-2020) to full ISO time (e.g. 01-01-2020T00:00:00)|None|01-01-2020T00:00:00|
 |time_to|string|None|False|Date and time for the end of the query. If left blank, the current time will be used. The format is flexible and will work with simple dates (e.g. 01-01-2020) to full ISO time (e.g. 01-01-2020T00:00:00)|None|12-31-2020T00:00:00|

diff --git a/plugins/rapid7_insightidr/komand_rapid7_insightidr/actions/advanced_query_on_log/schema.py b/plugins/rapid7_insightidr/komand_rapid7_insightidr/actions/advanced_query_on_log/schema.py
@@ -36,7 +36,7 @@ class AdvancedQueryOnLogInput(insightconnect_plugin_runtime.Input):
     "query": {
       "type": "string",
       "title": "Query",
-      "description": "LQL Query",
+      "description": "LEQL Query",
       "order": 1
     },
     "relative_time": {

diff --git a/...ns/rapid7_insightidr/komand_rapid7_insightidr/actions/advanced_query_on_log_set/schema.py b/...ns/rapid7_insightidr/komand_rapid7_insightidr/actions/advanced_query_on_log_set/schema.py
@@ -60,7 +60,7 @@ class AdvancedQueryOnLogSetInput(insightconnect_plugin_runtime.Input):
     "query": {
       "type": "string",
       "title": "Query",
-      "description": "LQL Query",
+      "description": "LEQL Query",
       "order": 1
     },
     "relative_time": {

diff --git a/plugins/rapid7_insightidr/plugin.spec.yaml b/plugins/rapid7_insightidr/plugin.spec.yaml
@@ -1180,7 +1180,7 @@ actions:
     input:
       query:
         title: Query
-        description: LQL Query
+        description: LEQL Query
         type: string
         example: "where(user=adagentadmin, loose)"
         required: true
@@ -1253,7 +1253,7 @@ actions:
     input:
       query:
         title: Query
-        description: LQL Query
+        description: LEQL Query
         type: string
         example: "where(user=adagentadmin, loose)"
         required: true