Refactoring Discovery EOC event classes (issue 958) #967
There is one other item I'd like to propose: this was raised by @mikeradka previously, but I'd like to remove the MacOS extension and expand the Startup Application Query to be for all OS types.
Looks really good Max. Could you also add a CHANGELOG.md update as well?
@pagbabian-splunk I've added the CHANGELOG entries for the event classes added. I've left out the Macos profile in the CHANGELOG, as I'm planning to propose another PR to refactor/remove it in favor of expanding the Startup Application Query class to apply to all OS types.
…ent change. Also fixed typo.
# Conflicts: # events/discovery/network_connection_query.json
Related Issue:
Address: #958
Description of Changes:
Refactoring of Discovery / EOC event classes for consistency with other event types in the category.
Refactored all _info classes added as part of the original PR to use a _query suffix.
Using the query_info object to capture search criteria and details
Activity id has been updated to include query
Added query_result_id to hold the results of the query, as well as its sibling attribute