pmeyerson
marcusschiesser
/ mapper.js
Created
December 9, 2021 10:29
Javascript type mapper - transforms properties of an object according to a type definition from string to float, int or boolean
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| export function mapTypes(map) { | |
| return (obj) => { | |
| const newObj = {}; | |
| // eslint-disable-next-line no-restricted-syntax | |
| for (const key in obj) { | |
| if (Object.hasOwnProperty.call(obj, key)) { | |
| let value = obj[key]; | |
| const type = map[key]; | |
| switch (type) { | |
| case 'float': |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [WinEventLog://Security] | |
| disabled = 0 | |
| start_from = oldest | |
| current_only = 0 | |
| evt_resolve_ad_obj = 1 | |
| checkpointInterval = 5 | |
| blacklist1 = EventCode="4662" Message="Object Type:(?!\s*groupPolicyContainer)" | |
| blacklist2 = EventCode="566" Message="Object Type:(?!\s*groupPolicyContainer)" | |
| blacklist3 = EventCode="4688" Message="New Process Name:\s*(?i)(?:[C-F]:\\Program Files\\Splunk(?:UniversalForwarder)?\\bin\\(?:btool|splunkd|splunk|splunk\-(?:MonitorNoHandle|admon|netmon|perfmon|powershell|regmon|winevtlog|winhostinfo|winprintmon|wmi|optimize))\.exe)" | |
| blacklist4 = EventCode="4689" Message="Process Name:\s*(?i)(?:[C-F]:\\Program Files\\Splunk(?:UniversalForwarder)?\\bin\\(?:btool|splunkd|splunk|splunk\-(?:MonitorNoHandle|admon|netmon|perfmon|powershell|regmon|winevtlog|winhostinfo|winprintmon|wmi|optimize))\.exe)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| [WinEventLog:Security] | |
| #Returns most of the space savings XML would provide | |
| SEDCMD-clean0-null_sids = s/(?m)(^\s+[^:]+\:)\s+-?$/\1/g s/(?m)(^\s+[^:]+\:)\s+-?$/\1/g s/(?m)(\:)(\s+NULL SID)$/\1/g s/(?m)(ID\:)(\s+0x0)$/\1/g | |
| SEDCMD-clean1-summary = s/This event is generated[\S\s\r\n]+$//g | |
| SEDCMD-clean2-cert_summary = s/Certificate information is only[\S\s\r\n]+$//g | |
| SEDCMD-clean3-blank_ipv6 = s/::ffff://g | |
| SEDCMD-clean4-token_elevation_summary = s/Token Elevation Type indicates[\S\s\r\n]+$//g | |
| SEDCMD-clean5-network_share_summary = s/(?ms)(A network share object was checked to see whether.*$)//g | |
| SEDCMD-clean6-authentication_summary = s/(?ms)(The computer attempted to validate the credentials.*$)//g | |
| SEDCMD-clean7-local_ipv6 = s/(?ms)(::1)//g |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1) Create a branch with the tag | |
| git branch {tagname}-branch {tagname} | |
| git checkout {tagname}-branch | |
| 2) Include the fix manually if it's just a change .... | |
| git add . | |
| git ci -m "Fix included" | |
| or cherry-pick the commit, whatever is easier | |
| git cherry-pick {num_commit} | |