Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Python3 and bypasses fix" #1731

Merged
merged 1 commit into from
Jan 26, 2022
Merged

Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Python3 and bypasses fix" #1731

merged 1 commit into from
Jan 26, 2022

Conversation

brokensound77
Copy link
Contributor

Issue

related to #1730

Description

Rolls back changes to rule due to a bug (8.0) where existing rules change rule type. We can explore adding these changes back in after a fix is implemented.

If the change is needed urgently before that, we can deprecate this rule and create a new one with the changes

@brokensound77 brokensound77 added the Rule: Tuning tweaking or tuning an existing rule label Jan 26, 2022
@brokensound77 brokensound77 mentioned this pull request Jan 26, 2022
Closed
3 tasks
@brokensound77 brokensound77 merged commit 84d55c8 into main Jan 26, 2022
@brokensound77 brokensound77 deleted the revert-1649-py_pty branch January 26, 2022 20:41
protectionsmachine pushed a commit that referenced this pull request Jan 26, 2022
@brokensound77 @github-actions
Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Pytho…
2e904a3 
…n3 and bypasses fix (#1649)" (#1731)

This reverts commit 625d1df.

(cherry picked from commit 84d55c8)
protectionsmachine pushed a commit that referenced this pull request Jan 26, 2022
@brokensound77 @github-actions
Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Pytho…
bf9627d 
…n3 and bypasses fix (#1649)" (#1731)

This reverts commit 625d1df.

(cherry picked from commit 84d55c8)
protectionsmachine pushed a commit that referenced this pull request Jan 26, 2022
@brokensound77 @github-actions
Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Pytho…
56b2786 
…n3 and bypasses fix (#1649)" (#1731)

This reverts commit 625d1df.

(cherry picked from commit 84d55c8)
@brokensound77 brokensound77 mentioned this pull request Jan 26, 2022
Merged
1 task
protectionsmachine pushed a commit that referenced this pull request Jan 26, 2022
@brokensound77 @github-actions
Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Pytho…
6a62632 
…n3 and bypasses fix (#1649)" (#1731)

This reverts commit 625d1df.

(cherry picked from commit 84d55c8)
DefSecSentinel
DefSecSentinel reviewed Jan 26, 2022
View reviewed changes
Copy link
Contributor

@DefSecSentinel DefSecSentinel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

protectionsmachine pushed a commit that referenced this pull request Jan 26, 2022
@brokensound77 @github-actions
Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Pytho…
646e920 
…n3 and bypasses fix (#1649)" (#1731)

This reverts commit 625d1df.

(cherry picked from commit 84d55c8)
brokensound77 added a commit to elastic/kibana that referenced this pull request Jan 27, 2022
@brokensound77
[Detection Engine] Adds 8.0 rules (#123786)
36722fa 
* [Detection Rules] Add 8.0 rules
* rollback changes for python tty rule elastic/detection-rules#1731
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Jan 27, 2022
@brokensound77 @kibanamachine
[Detection Engine] Adds 8.0 rules (elastic#123786)
f698ae5 
* [Detection Rules] Add 8.0 rules
* rollback changes for python tty rule elastic/detection-rules#1731

(cherry picked from commit 36722fa)
kibanamachine added a commit to elastic/kibana that referenced this pull request Jan 27, 2022
@kibanamachine @brokensound77
[Detection Engine] Adds 8.0 rules (#123786) (#123887)
1a07a1a 
* [Detection Rules] Add 8.0 rules
* rollback changes for python tty rule elastic/detection-rules#1731

(cherry picked from commit 36722fa)

Co-authored-by: Justin Ibarra <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DefSecSentinel DefSecSentinel DefSecSentinel left review comments

@w0rk3r w0rk3r w0rk3r approved these changes

Assignees
No one assigned
Labels
backport: auto Domain: Endpoint OS: Linux Rule: Tuning tweaking or tuning an existing rule
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@brokensound77 @w0rk3r @DefSecSentinel