feat(#3112): merge base branch into 3212-fix-osquery.

Signed-off-by: Mauro Malara <[email protected]>
wazuh · Sep 1, 2022 · 6b69a99 · 6b69a99
2 parents eb541ae + d73f9df
commit 6b69a99
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 6 deletions.
diff --git a/...est_basic_cases/test_brute_force/test_brute_force_rdp/data/playbooks/generate_events.yaml b/...est_basic_cases/test_brute_force/test_brute_force_rdp/data/playbooks/generate_events.yaml
@@ -32,8 +32,8 @@
         name: manage_alerts
         tasks_from: search_alert.yaml
       vars:
-        ts: \d+-\d+-\d+T\d+:\d+:\d+\.\d+[+|-]\d+
-        custom_regex: "{\"timestamp\":\"{{ ts }}\",\"rule\":{\"level\":{{ rule_level }},\
+        timestamp: \d+-\d+-\d+T\d+:\d+:\d+\.\d+[+|-]\d+
+        custom_regex: "{\"timestamp\":\"{{ timestamp }}\",\"rule\":{\"level\":{{ rule_level }},\
           \"description\":\"{{ rule_description }}\",\"id\":\"{{ rule_id }}\".*"
         attempts: 15
         time_btw_attempts: 2

diff --git a/...est_basic_cases/test_brute_force/test_brute_force_ssh/data/playbooks/generate_events.yaml b/...est_basic_cases/test_brute_force/test_brute_force_ssh/data/playbooks/generate_events.yaml
@@ -35,17 +35,15 @@
 
 - name: Get alerts file
   hosts: managers
-  vars:
-    ts:
   tasks:
 
     - name: Search alert in alerts log
       include_role:
         name: manage_alerts
         tasks_from: search_alert.yaml
       vars:
-        ts: \d+-\d+-\d+T\d+:\d+:\d+\.\d+[+|-]\d+
-        custom_regex: "{\"timestamp\":\"{{ ts }}\",\"rule\":{\"level\":{{ rule_level }},\
+        timestamp: \d+-\d+-\d+T\d+:\d+:\d+\.\d+[+|-]\d+
+        custom_regex: "{\"timestamp\":\"{{ timestamp }}\",\"rule\":{\"level\":{{ rule_level }},\
           \"description\":\"{{ rule_description }}\",\"id\":\"{{ rule_id }}\".*"
         attempts: 15
         time_btw_attempts: 2