change index name

socfortress · Mar 7, 2024 · 358b286 · 358b286
1 parent 5dcc6f6
commit 358b286
Show file tree

Hide file tree

Showing 7 changed files with 28 additions and 28 deletions.
diff --git a/backend/app/integrations/sap_siem/services/sap_siem_brute_force_same_ip.py b/backend/app/integrations/sap_siem/services/sap_siem_brute_force_same_ip.py
@@ -301,8 +301,8 @@ async def collect_user_activity(suspicious_logins: SuspiciousLogin) -> SapSiemWa
     """
     es_client = await create_wazuh_indexer_client("Wazuh-Indexer")
     results = es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"ip": suspicious_logins.ip}}]}},
@@ -322,8 +322,8 @@ async def get_initial_search_results(es_client):
         dict: The search results.
     """
     return es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"event_analyzed_brute_force_same_ip": "False"}}]}},

diff --git a/backend/app/integrations/sap_siem/services/sap_siem_brute_forced_failed_logins.py b/backend/app/integrations/sap_siem/services/sap_siem_brute_forced_failed_logins.py
@@ -301,8 +301,8 @@ async def collect_user_activity(suspicious_logins: SuspiciousLogin) -> SapSiemWa
     """
     es_client = await create_wazuh_indexer_client("Wazuh-Indexer")
     results = es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"params_loginID": suspicious_logins.loginID}}]}},
@@ -322,8 +322,8 @@ async def get_initial_search_results(es_client):
         dict: The search results.
     """
     return es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"event_analyzed_brute_force_ip": "False"}}]}},

diff --git a/...nd/app/integrations/sap_siem/services/sap_siem_failed_same_user_different_geo_location.py b/...nd/app/integrations/sap_siem/services/sap_siem_failed_same_user_different_geo_location.py
@@ -301,8 +301,8 @@ async def collect_user_activity(suspicious_logins: SuspiciousLogin) -> SapSiemWa
     """
     es_client = await create_wazuh_indexer_client("Wazuh-Indexer")
     results = es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"params_loginID": suspicious_logins.loginID}}]}},
@@ -322,8 +322,8 @@ async def get_initial_search_results(es_client):
         dict: The search results.
     """
     return es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"event_analyzed_same_user_failed_diff_geo": "False"}}]}},

diff --git a/backend/app/integrations/sap_siem/services/sap_siem_failed_same_user_from_different_ip.py b/backend/app/integrations/sap_siem/services/sap_siem_failed_same_user_from_different_ip.py
@@ -301,8 +301,8 @@ async def collect_user_activity(suspicious_logins: SuspiciousLogin) -> SapSiemWa
     """
     es_client = await create_wazuh_indexer_client("Wazuh-Indexer")
     results = es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"params_loginID": suspicious_logins.loginID}}]}},
@@ -322,8 +322,8 @@ async def get_initial_search_results(es_client):
         dict: The search results.
     """
     return es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"event_analyzed_same_user_failed_diff_ip": "False"}}]}},

diff --git a/...tegrations/sap_siem/services/sap_siem_successful_login_same_ip_after_multiple_failures.py b/...tegrations/sap_siem/services/sap_siem_successful_login_same_ip_after_multiple_failures.py
@@ -301,8 +301,8 @@ async def collect_user_activity(suspicious_logins: SuspiciousLogin) -> SapSiemWa
     """
     es_client = await create_wazuh_indexer_client("Wazuh-Indexer")
     results = es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"ip": suspicious_logins.ip}}]}},
@@ -322,8 +322,8 @@ async def get_initial_search_results(es_client):
         dict: The search results.
     """
     return es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"event_analyzed_successful_login_after_failures_diff_loginID": "False"}}]}},

diff --git a/...pp/integrations/sap_siem/services/sap_siem_successful_same_user_different_geo_location.py b/...pp/integrations/sap_siem/services/sap_siem_successful_same_user_different_geo_location.py
@@ -301,8 +301,8 @@ async def collect_user_activity(suspicious_logins: SuspiciousLogin) -> SapSiemWa
     """
     es_client = await create_wazuh_indexer_client("Wazuh-Indexer")
     results = es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"params_loginID": suspicious_logins.loginID}}]}},
@@ -322,8 +322,8 @@ async def get_initial_search_results(es_client):
         dict: The search results.
     """
     return es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"event_analyzed_same_user_successful_diff_geo": "False"}}]}},

diff --git a/...integrations/sap_siem/services/sap_siem_successful_user_login_after_using_different_ip.py b/...integrations/sap_siem/services/sap_siem_successful_user_login_after_using_different_ip.py
@@ -301,8 +301,8 @@ async def collect_user_activity(suspicious_logins: SuspiciousLogin) -> SapSiemWa
     """
     es_client = await create_wazuh_indexer_client("Wazuh-Indexer")
     results = es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"params_loginID": suspicious_logins.loginID}}]}},
@@ -322,8 +322,8 @@ async def get_initial_search_results(es_client):
         dict: The search results.
     """
     return es_client.search(
-        #index="sap_siem_*",
-        index="new-integrations*",
+        index="sap_siem_*",
+        #index="new-integrations*",
         body={
             "size": 1000,
             "query": {"bool": {"must": [{"term": {"event_analyzed_success_login_diff_ip": "False"}}]}},