scottk/siembol
1
0
Fork 0
mirror of https://github.com/optim-enterprises-bv/siembol.git synced 2025-11-01 19:07:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Siembol alerting: rejecting a rule with negative matchers only (#638)

Browse Source 
* adding check for negated matchers

* minor refactoring of alerting core module

* compilation fix
This commit is contained in:
Marian Novotny
2022-05-06 09:28:13 +01:00
committed by GitHub
parent d1489d8b3b
commit 2642d0bdfb
37 changed files with 141 additions and 91 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
alerting/alerting-core/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -35,7 +35,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>junit</groupId>

4
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/common/AlertingFields.java
View File

@@ -20,9 +20,9 @@ public enum AlertingFields {
static {
for (AlertingFields field : AlertingFields.values()) {
ALERTING_FIELDS.put(field.toString(),
String.format("%s_%s", ALERTS_PREFIX, field.toString()));
String.format("%s_%s", ALERTS_PREFIX, field));
CORRELATION_ALERTING_FIELDS.put(field.toString(),
String.format("%s_%s", CORRELATION_ALERTS_PREFIX, field.toString()));
String.format("%s_%s", CORRELATION_ALERTS_PREFIX, field));
}
}

2
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/correlationengine/AlertCounterMetadata.java
View File

@@ -4,7 +4,7 @@ import java.util.EnumSet;
public class AlertCounterMetadata {
public enum Flags {
MANDATORY;
MANDATORY
}
private final EnumSet<Flags> flags;
private final int threshold;

12
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/correlationengine/CorrelationRule.java
View File

@@ -7,7 +7,6 @@ import uk.co.gresearch.siembol.alerts.common.AlertingResult;
import uk.co.gresearch.siembol.alerts.engine.AbstractRule;
import java.util.*;
import java.util.stream.Collectors;
import static uk.co.gresearch.siembol.alerts.common.AlertingTags.CORRELATION_KEY_TAG_NAME;
@@ -66,10 +65,7 @@ public class CorrelationRule extends AbstractRule {
}
public List<String> getAlertNames() {
return alertToCounterIndex
.keySet()
.stream()
.collect(Collectors.toList());
return new ArrayList<>(alertToCounterIndex.keySet());
}
@@ -133,7 +129,7 @@ public class CorrelationRule extends AbstractRule {
public static abstract class Builder<T extends CorrelationRule> extends AbstractRule.Builder<T>{
protected static final String ALERT_ALREADY_EXISTS_MSG = "Duplicate alert names for correlation";
protected static final String INVALID_ALERT_COUNTER = "Invalid alert counter specification";
protected static final String EMTPY_ALERT_COUNTERS_MSG = "Missing alert counters";
protected static final String EMPTY_ALERT_COUNTERS_MSG = "Missing alert counters";
protected static final String MISSING_REQUIRED_ATTRIBUTES = "Missing required attributes for alert correlation";
protected static final String WRONG_ALERT_THRESHOLDS = "wrong alert thresholds";
protected static final Integer PROCESSING_TIME_MAX_LAG_TIME = 0;
@@ -181,14 +177,14 @@ public class CorrelationRule extends AbstractRule {
public static CorrelationRule.Builder<CorrelationRule> builder() {
return new CorrelationRule.Builder<CorrelationRule>() {
return new CorrelationRule.Builder<>() {
@Override
protected CorrelationRule buildInternally() {
if (!flags.contains(Flags.USE_EVENT_TIME)) {
maxLagTimeInSec = PROCESSING_TIME_MAX_LAG_TIME;
}
if (alertCountersMetadataTemp.isEmpty()) {
throw new IllegalArgumentException(EMTPY_ALERT_COUNTERS_MSG);
throw new IllegalArgumentException(EMPTY_ALERT_COUNTERS_MSG);
}
if (timeWindowInMs == null || maxLagTimeInSec == null) {
throw new IllegalArgumentException(MISSING_REQUIRED_ATTRIBUTES);

4
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/engine/AbstractRule.java
View File

@@ -40,9 +40,7 @@ public abstract class AbstractRule {
outputFields.forEach(x -> event.put(x.getKey(), x.getValue()));
for (Pair<String, String> variableOutputField : variableOutputFields) {
Optional<String> value = EvaluationLibrary.substitute(event, variableOutputField.getValue());
if (value.isPresent()) {
event.put(variableOutputField.getKey(), value.get());
}
value.ifPresent(x -> event.put(variableOutputField.getKey(), x));
}
}

5
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/engine/BasicMatcher.java
View File

@@ -36,6 +36,11 @@ public abstract class BasicMatcher implements Matcher {
return false;
}
@Override
public boolean isNegated() {
return isNegated;
}
protected abstract EvaluationResult matchInternally(Map<String, Object> map, String fieldValue);
public static abstract class Builder<T extends BasicMatcher> {

5
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/engine/CompositeMatcher.java
View File

@@ -29,6 +29,11 @@ public class CompositeMatcher implements Matcher {
return canModifyEvent;
}
@Override
public boolean isNegated() {
return negated;
}
public static Builder builder() {
return new Builder();
}

4
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/engine/IsInSetMatcher.java
View File

@@ -28,7 +28,7 @@ public class IsInSetMatcher extends BasicMatcher {
boolean matchedVariable = false;
for (String variableString : variableStrings) {
Optional<String> substituted = EvaluationLibrary.substitute(map, variableString);
if (!substituted.isPresent()) {
if (substituted.isEmpty()) {
continue;
}
@@ -45,7 +45,7 @@ public class IsInSetMatcher extends BasicMatcher {
public static Builder<IsInSetMatcher> builder() {
return new Builder<IsInSetMatcher>() {
return new Builder<>() {
@Override
public IsInSetMatcher build() {
if (words == null || words.isEmpty()) {

1
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/engine/Matcher.java
View File

@@ -7,4 +7,5 @@ import java.util.Map;
public interface Matcher {
EvaluationResult match(Map<String, Object> log);
boolean canModifyEvent();
boolean isNegated();
}

6
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/engine/RegexMatcher.java
View File

@@ -8,7 +8,7 @@ import java.util.regex.Pattern;
public class RegexMatcher extends BasicMatcher {
private static final String EMPTY_PATTERN = "Empty pattern";
private static final Pattern VARIABLE_PATTERN =
Pattern.compile("\\(\\?<([a-zA-Z][a-zA-Z0-9:_]*)>");
Pattern.compile("\\(\\?<([a-zA-Z][a-zA-Z\\d:_]*)>");
private static final String VARIABLE_NAME = "var";
private static final int VAR_PREFIX_SIZE = "(\\<".length();
@@ -43,7 +43,7 @@ public class RegexMatcher extends BasicMatcher {
public static RegexMatcher.Builder<RegexMatcher> builder() {
return new RegexMatcher.Builder<RegexMatcher>() {
return new RegexMatcher.Builder<>() {
@Override
public RegexMatcher build() {
if (pattern == null || variableNames == null) {
@@ -78,7 +78,7 @@ public class RegexMatcher extends BasicMatcher {
}
//NOTE: we rename variables since java does not support '_', ':'
sb.append(VARIABLE_NAME + variableNames.size());
sb.append(VARIABLE_NAME).append(variableNames.size());
variableNames.add(name);
}

10
alerting/alerting-core/src/main/java/uk/co/gresearch/siembol/alerts/engine/Rule.java
View File

@@ -44,6 +44,7 @@ public class Rule extends AbstractRule {
public static abstract class Builder<T extends Rule> extends AbstractRule.Builder<T>{
protected static final String MISSING_MATCHERS = "Empty matchers in a rule";
protected static final String NEGATED_MATCHERS_ONLY = "The rule contains negated matchers only";
protected List<Matcher> matchers;
protected EnumSet<RuleFlags> flags = EnumSet.noneOf(RuleFlags.class);
@@ -61,18 +62,23 @@ public class Rule extends AbstractRule {
if (matchers == null || matchers.isEmpty()) {
throw new IllegalArgumentException(MISSING_MATCHERS);
}
boolean allNegatedMatchers = true;
for (Matcher matcher : matchers) {
if (matcher.canModifyEvent()) {
flags.add(RuleFlags.CAN_MODIFY_EVENT);
break;
}
allNegatedMatchers &= matcher.isNegated();
}
if (allNegatedMatchers) {
throw new IllegalArgumentException(NEGATED_MATCHERS_ONLY);
}
}
}
public static Builder<Rule> builder() {
return new Builder<Rule>() {
return new Builder<>() {
@Override
protected Rule buildInternally() {
prepareBuild();

2
alerting/alerting-core/src/test/java/uk/co/gresearch/siembol/alerts/engine/AlertingEngineImplTest.java
View File

@@ -139,7 +139,7 @@ public class AlertingEngineImplTest {
@Test
public void testMatchAndException() {
when(rule1.match(ArgumentMatchers.<Map<String, Object>>any())).thenThrow(new RuntimeException());
when(rule1.match(ArgumentMatchers.any())).thenThrow(new RuntimeException());
AlertingResult ret = engine.evaluate(knownSourceType);
Assert.assertEquals(AlertingResult.StatusCode.OK, ret.getStatusCode());
Assert.assertEquals(EvaluationResult.MATCH, ret.getAttributes().getEvaluationResult());

2
alerting/alerting-core/src/test/java/uk/co/gresearch/siembol/alerts/engine/ContainsMatcherTest.java
View File

@@ -9,7 +9,7 @@ import java.util.HashMap;
import java.util.Map;
public class ContainsMatcherTest {
private String field = "test_field";
private final String field = "test_field";
private Map<String, Object> event;
private ContainsMatcher matcher;
private final String pattern = "secret";

2
alerting/alerting-core/src/test/java/uk/co/gresearch/siembol/alerts/engine/IsInSetTest.java
View File

@@ -9,7 +9,7 @@ import java.util.HashMap;
import java.util.Map;
public class IsInSetTest {
private String field = "test_field";
private final String field = "test_field";
private Map<String, Object> event;
private IsInSetMatcher matcher;

61
alerting/alerting-core/src/test/java/uk/co/gresearch/siembol/alerts/engine/RuleTest.java
View File

@@ -20,19 +20,19 @@ public class RuleTest {
private final Map<String, Object> event = new HashMap<>();
private List<Pair<String, String>> constants;
private List<Pair<String, Object>> protections;
private BasicMatcher matcher;
private Matcher matcher;
private Rule rule;
@Before
public void setUp() {
constants = List.of(Pair.of("detection_source", "alerts"));
protections = List.of(Pair.of(AlertingFields.MAX_PER_HOUR_FIELD.toString(), 1));
matcher = Mockito.mock(BasicMatcher.class);
matcher = Mockito.mock(Matcher.class);
when(matcher.match(ArgumentMatchers.any())).thenReturn(EvaluationResult.MATCH);
}
@Test
public void testGoodMetadata() {
public void ruleWithMetadataOk() {
rule = Rule.builder()
.matchers(List.of(matcher))
.name(name)
@@ -57,7 +57,7 @@ public class RuleTest {
}
@Test
public void testGoodMetadataVariableTag() {
public void ruleWithMetadataVariableTagOk() {
constants = new ArrayList<>(constants);
constants.add(Pair.of("malicious_url", "http://${dummy_host}/${dummy_path}"));
rule = Rule.builder()
@@ -87,7 +87,7 @@ public class RuleTest {
}
@Test
public void testGoodCanModifyEvent() {
public void ruleCanModifyEventOk() {
when(matcher.canModifyEvent()).thenReturn(true);
rule = Rule.builder()
@@ -102,7 +102,7 @@ public class RuleTest {
}
@Test
public void testGoodMatch() {
public void ruleMatchOk() {
rule = Rule.builder()
.matchers(List.of(matcher))
.name(name)
@@ -117,7 +117,7 @@ public class RuleTest {
}
@Test
public void testGoodNoMatch() {
public void ruleNoMatch() {
when(matcher.match(ArgumentMatchers.any())).thenReturn(EvaluationResult.NO_MATCH);
rule = Rule.builder()
.matchers(List.of(matcher))
@@ -133,7 +133,7 @@ public class RuleTest {
}
@Test(expected = RuntimeException.class)
public void testThrowsException() throws RuntimeException {
public void matchThrowsException() throws RuntimeException {
when(matcher.match(ArgumentMatchers.any())).thenThrow(new RuntimeException());
rule = Rule.builder()
.matchers(List.of(matcher))
@@ -147,7 +147,7 @@ public class RuleTest {
}
@Test(expected = IllegalArgumentException.class)
public void missingName() {
public void builderMissingName() {
rule = Rule.builder()
.matchers(List.of(matcher))
.version(version)
@@ -157,7 +157,7 @@ public class RuleTest {
}
@Test(expected = IllegalArgumentException.class)
public void missingVersion() {
public void builderMissingVersion() {
Rule.builder()
.matchers(List.of(matcher))
.name(name)
@@ -167,7 +167,7 @@ public class RuleTest {
}
@Test(expected = IllegalArgumentException.class)
public void missingMatchers() {
public void builderMissingMatchers() {
Rule.builder()
.name(name)
.version(version)
@@ -175,4 +175,43 @@ public class RuleTest {
.protections(protections)
.build();
}
@Test(expected = IllegalArgumentException.class)
public void builderOneNegatedMatcher() {
when(matcher.isNegated()).thenReturn(true);
rule = Rule.builder()
.matchers(List.of(matcher))
.name(name)
.version(version)
.tags(constants)
.protections(protections)
.build();
}
@Test(expected = IllegalArgumentException.class)
public void builderTwoNegatedMatchers() {
when(matcher.isNegated()).thenReturn(true);
rule = Rule.builder()
.matchers(List.of(matcher, matcher))
.name(name)
.version(version)
.tags(constants)
.protections(protections)
.build();
}
@Test
public void builderOneMatcherAndMultipleNegatedMatchers() {
var nonNegatedMatcher = Mockito.mock(Matcher.class);
when(nonNegatedMatcher.isNegated()).thenReturn(false);
when(matcher.isNegated()).thenReturn(true);
rule = Rule.builder()
.matchers(List.of(matcher, matcher, nonNegatedMatcher, matcher, matcher))
.name(name)
.version(version)
.tags(constants)
.protections(protections)
.build();
Assert.assertNotNull(rule);
}
}

2
alerting/alerting-core/src/test/java/uk/co/gresearch/siembol/alerts/protection/RuleProtectionSystemTest.java
View File

@@ -22,7 +22,7 @@ public class RuleProtectionSystemTest {
@Test
public void testIncrement() {
//NOTE: this test can theoretically fails we can turn it of in case of issues
//NOTE: this test can theoretically fail we can turn it of in case of issues
for (int i = 1; i < 2; i++) {
AlertingResult ret = protection.incrementRuleMatches(ruleName);
Assert.assertEquals(AlertingResult.StatusCode.OK, ret.getStatusCode());

4
alerting/alerting-spark/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -23,7 +23,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<artifactId>jackson-databind</artifactId>

4
alerting/alerting-storm/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -51,7 +51,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>

2
alerting/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<modules>
<module>alerting-core</module>

4
config-editor/config-editor-core/pom.xml
View File

@@ -9,13 +9,13 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.apache.commons</groupId>

18
config-editor/config-editor-rest/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencyManagement>
<dependencies>
@@ -56,7 +56,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
@@ -67,22 +67,22 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor-services</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor-sync</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
@@ -93,7 +93,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing-app</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
@@ -104,7 +104,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>enriching-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
@@ -115,7 +115,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>responding-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>

14
config-editor/config-editor-services/pom.xml
View File

@@ -10,7 +10,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -41,32 +41,32 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing-app</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>enriching-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>responding-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>junit</groupId>

8
config-editor/config-editor-sync/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -20,17 +20,17 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>config-editor-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing-app</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<scope>provided</scope>
</dependency>
<dependency>

2
config-editor/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<modules>
<module>config-editor-core</module>

4
deployment/storm-topology-manager/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<relativePath>../../pom.xml</relativePath>
</parent>
<dependencyManagement>
@@ -43,7 +43,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>

6
enriching/enriching-core/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>enriching</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -35,12 +35,12 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>junit</groupId>

4
enriching/enriching-storm/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>enriching</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -75,7 +75,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>enriching-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>

2
enriching/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<modules>
<module>enriching-core</module>

6
parsing/parsing-app/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -39,12 +39,12 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>junit</groupId>

4
parsing/parsing-core/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -45,7 +45,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>joda-time</groupId>

4
parsing/parsing-storm/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -75,7 +75,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>parsing-app</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>

2
parsing/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<modules>
<module>parsing-core</module>

2
pom.xml
View File

@@ -6,7 +6,7 @@
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<name>siembol</name>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<description>A scalable, advanced security analytics framework based on open-source big data technologies.</description>
<inceptionYear>2019</inceptionYear>
<url>https://siembol.io/</url>

2
responding/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<modules>
<module>responding-core</module>

6
responding/responding-core/pom.xml
View File

@@ -11,7 +11,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>responding</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>
@@ -35,12 +35,12 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>alerting-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>com.jayway.jsonpath</groupId>

6
responding/responding-stream/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>responding</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencyManagement>
<dependencies>
@@ -51,7 +51,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol-common</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
<exclusions>
<exclusion>
<groupId>org.slf4j</groupId>
@@ -62,7 +62,7 @@
<dependency>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>responding-core</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</dependency>
<dependency>
<groupId>org.apache.kafka</groupId>

2
siembol-common/pom.xml
View File

@@ -9,7 +9,7 @@
<parent>
<groupId>uk.co.gresearch.siembol</groupId>
<artifactId>siembol</artifactId>
<version>2.5.1-SNAPSHOT</version>
<version>2.5.2-SNAPSHOT</version>
</parent>
<dependencies>
<dependency>