Skip to content

Commit

Permalink
Pradeoo: fix on Pradeo MTD parser for application compliance
Browse files Browse the repository at this point in the history
  • Loading branch information
@LenaigKaliou
LenaigKaliou committed Dec 10, 2024
1 parent 5e69d09 commit e927ad7
Show file tree
Hide file tree
Showing 2 changed files with 65 additions and 10 deletions.
20 changes: 10 additions & 10 deletions Pradeo/pradeo-mtd/ingest/parser.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -176,16 +176,16 @@ stages:
pradeo.device.mdmId: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.device.emmDeviceInfo.externalId}}"
pradeo.device.emm: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.device.emmDeviceInfo.emm}}"
pradeo.compliance.matchedResponseRules: "{{json_event.message.content.deviceApplication.compliance.matchedResponseRules}}"
pradeo.application.id: "{{json_event.message.content.deviceApplicationCompliance.application.id}}"
pradeo.application.package: "{{json_event.message.content.deviceApplicationCompliance.application.package.package}}"
pradeo.application.system: "{{json_event.message.content.deviceApplicationCompliance.application.package.system}}"
pradeo.application.version: "{{json_event.message.content.deviceApplicationCompliance.application.version}}"
pradeo.application.versionCode: "{{json_event.message.content.deviceApplicationCompliance.application.versionCode}}"
pradeo.application.name: "{{json_event.message.content.deviceApplicationCompliance.application.name}}"
pradeo.application.md5: "{{json_event.message.content.deviceApplicationCompliance.application.md5}}"
pradeo.application.sha1: "{{json_event.message.content.deviceApplicationCompliance.application.sha1}}"
pradeo.application.sha256: "{{json_event.message.content.deviceApplicationCompliance.application.sha256}}"
pradeo.detection.status: "{{json_event.message.content.deviceApplicationCompliance.status}}"
pradeo.application.id: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.id}}"
pradeo.application.package: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.package.package}}"
pradeo.application.system: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.package.system}}"
pradeo.application.version: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.version}}"
pradeo.application.versionCode: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.versionCode}}"
pradeo.application.name: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.name}}"
pradeo.application.md5: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.md5}}"
pradeo.application.sha1: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.sha1}}"
pradeo.application.sha256: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.application.sha256}}"
pradeo.detection.status: "{{json_event.message.content.deviceApplicationCompliance.deviceApplication.status}}"
- filter: '{{json_event.message.type == "DeviceComplianceUpdated"}}'
set:
event.category: ["process"]
Expand Down
55 changes: 55 additions & 0 deletions Pradeo/pradeo-mtd/tests/application_compliance_updated.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
{
"input": {
"message": "{\n \"id\": \"1234567890\",\n \"creationDate\": \"2024-11-27T04:10:33.460Z\",\n \"source\": \"system\",\n \"category\": null,\n \"type\": \"DeviceApplicationComplianceUpdated\",\n \"content\": {\n \"deviceApplicationCompliance\": {\n \"id\": \"abcdef123456\",\n \"status\": \"Disapproved\",\n \"computed\": true,\n \"creationDate\": \"2024-11-27T04:04:26.482Z\",\n \"lastModificationDate\": \"2024-11-27T04:10:33.000Z\",\n \"deviceApplication\": {\n \"id\": \"123456789ABCDEF\",\n \"application\": {\n \"id\": \"azertyuiop\",\n \"package\": {\n \"id\": \"1234abcd\",\n \"package\": \"com.app.test\",\n \"system\": \"Android\"\n },\n \"version\": \"491.0.0.58.78\",\n \"md5\": \"0fccfdefc882c4be6d2a938001184e08\",\n \"sha1\": \"749c94cd972726ef2b3ccda7e718a2034cc9f6ac\",\n \"sha256\": \"278fde8924687bf22285d2b4415779d96ba967530cae43272029ec53ecc2eee8\",\n \"name\": \"App\",\n \"versionCode\": \"457215664\",\n \"size\": \"64262264\"\n },\n \"device\": {\n \"id\": \"device_id01\",\n \"serialNumber\": \"unknown\",\n \"imei\": null,\n \"name\": \"John\",\n \"email\": null,\n \"singleEnrollmentKey\": \"xxxxxXXXXxxXxxx\",\n \"byod\": false,\n \"lockPassword\": null,\n \"knoxVersion\": null,\n \"declaredOperatingSystem\": \"Android\",\n \"declaredOperatingSystemVersion\": \"10.0.0\",\n \"declaredOperatingSystemSecurityPatchDate\": \"2020-09-01T00:00:00.000Z\",\n \"declaredModel\": \"MODEL 01\",\n \"enrollmentStatus\": {\n \"id\": \"enrollid_12\",\n \"lastConnection\": \"2024-11-27T04:07:32.000Z\",\n \"coupled\": true\n },\n \"emmDeviceInfo\": null\n },\n \"installedAt\": \"2024-08-07T13:40:35.000Z\",\n \"uninstalledAt\": null,\n \"native\": false\n },\n \"matchedResponseRules\": [\n {\n \"id\": \"matched_response_id\",\n \"matchConditions\": [\n {\n \"type\": \"threatLevelIs\",\n \"value\": \"Red\"\n }\n ],\n \"notifyAdministrator\": false,\n \"onDeviceNotification\": false,\n \"action\": \"Disapproved\",\n \"responseRuleset\": {\n \"id\": \"yMXqFSTMT8uDn1ijwCmEGA\",\n \"name\": \"FallBack\",\n \"active\": true,\n \"type\": \"FallBack\",\n \"priority\": 0\n },\n \"priority\": 0\n }\n ]\n }\n },\n \"user\": null,\n \"device\": null,\n \"company\": {\n \"id\": \"ROhGBpGHSi2gpVagfb4FhQ\",\n \"name\": \"LAB\",\n \"creationDate\": \"2024-04-15T15:31:33.395Z\",\n \"lastModificationDate\": \"2024-08-07T13:23:42.000Z\",\n \"deletedAt\": null\n }\n}",
"sekoiaio": {
"intake": {
"dialect": "Pradeo MTD",
"dialect_uuid": "3cedbe29-02f8-42bf-9ec2-0158186c2827"
}
}
},
"expected": {
"message": "{\n \"id\": \"1234567890\",\n \"creationDate\": \"2024-11-27T04:10:33.460Z\",\n \"source\": \"system\",\n \"category\": null,\n \"type\": \"DeviceApplicationComplianceUpdated\",\n \"content\": {\n \"deviceApplicationCompliance\": {\n \"id\": \"abcdef123456\",\n \"status\": \"Disapproved\",\n \"computed\": true,\n \"creationDate\": \"2024-11-27T04:04:26.482Z\",\n \"lastModificationDate\": \"2024-11-27T04:10:33.000Z\",\n \"deviceApplication\": {\n \"id\": \"123456789ABCDEF\",\n \"application\": {\n \"id\": \"azertyuiop\",\n \"package\": {\n \"id\": \"1234abcd\",\n \"package\": \"com.app.test\",\n \"system\": \"Android\"\n },\n \"version\": \"491.0.0.58.78\",\n \"md5\": \"0fccfdefc882c4be6d2a938001184e08\",\n \"sha1\": \"749c94cd972726ef2b3ccda7e718a2034cc9f6ac\",\n \"sha256\": \"278fde8924687bf22285d2b4415779d96ba967530cae43272029ec53ecc2eee8\",\n \"name\": \"App\",\n \"versionCode\": \"457215664\",\n \"size\": \"64262264\"\n },\n \"device\": {\n \"id\": \"device_id01\",\n \"serialNumber\": \"unknown\",\n \"imei\": null,\n \"name\": \"John\",\n \"email\": null,\n \"singleEnrollmentKey\": \"xxxxxXXXXxxXxxx\",\n \"byod\": false,\n \"lockPassword\": null,\n \"knoxVersion\": null,\n \"declaredOperatingSystem\": \"Android\",\n \"declaredOperatingSystemVersion\": \"10.0.0\",\n \"declaredOperatingSystemSecurityPatchDate\": \"2020-09-01T00:00:00.000Z\",\n \"declaredModel\": \"MODEL 01\",\n \"enrollmentStatus\": {\n \"id\": \"enrollid_12\",\n \"lastConnection\": \"2024-11-27T04:07:32.000Z\",\n \"coupled\": true\n },\n \"emmDeviceInfo\": null\n },\n \"installedAt\": \"2024-08-07T13:40:35.000Z\",\n \"uninstalledAt\": null,\n \"native\": false\n },\n \"matchedResponseRules\": [\n {\n \"id\": \"matched_response_id\",\n \"matchConditions\": [\n {\n \"type\": \"threatLevelIs\",\n \"value\": \"Red\"\n }\n ],\n \"notifyAdministrator\": false,\n \"onDeviceNotification\": false,\n \"action\": \"Disapproved\",\n \"responseRuleset\": {\n \"id\": \"yMXqFSTMT8uDn1ijwCmEGA\",\n \"name\": \"FallBack\",\n \"active\": true,\n \"type\": \"FallBack\",\n \"priority\": 0\n },\n \"priority\": 0\n }\n ]\n }\n },\n \"user\": null,\n \"device\": null,\n \"company\": {\n \"id\": \"ROhGBpGHSi2gpVagfb4FhQ\",\n \"name\": \"LAB\",\n \"creationDate\": \"2024-04-15T15:31:33.395Z\",\n \"lastModificationDate\": \"2024-08-07T13:23:42.000Z\",\n \"deletedAt\": null\n }\n}",
"event": {
"action": "DeviceApplicationComplianceUpdated",
"category": [
"process"
],
"type": [
"change"
]
},
"@timestamp": "2024-11-27T04:10:33.460000Z",
"pradeo": {
"application": {
"id": "azertyuiop",
"md5": "0fccfdefc882c4be6d2a938001184e08",
"name": "App",
"package": "com.app.test",
"sha1": "749c94cd972726ef2b3ccda7e718a2034cc9f6ac",
"sha256": "278fde8924687bf22285d2b4415779d96ba967530cae43272029ec53ecc2eee8",
"system": "Android",
"version": "491.0.0.58.78",
"versionCode": "457215664"
},
"device": {
"byod": false,
"coupled": true,
"declaredModel": "MODEL 01",
"declaredOperatingSystem": "Android",
"declaredOperatingSystemSecurityPatchDate": "2020-09-01T00:00:00Z",
"declaredOperatingSystemVersion": "10.0.0",
"id": "device_id01",
"lastConnection": "2024-11-27T04:07:32Z",
"name": "John",
"serialNumber": "unknown"
},
"metadata": {
"creationDate": "2024-11-27T04:10:33.460000Z",
"id": "1234567890",
"source": "system",
"type": "DeviceApplicationComplianceUpdated"
}
}
}
}

0 comments on commit e927ad7

Please sign in to comment.