%global _empty_manifest_terminate_build 0
Name:           python-kestrel-lang
Version:        1.6.1
Release:        1
Summary:        Kestrel Threat Hunting Language
License:        Apache 2.0 License
URL:            https://github.com/opencybersecurityalliance/kestrel-lang
Source0:        https://mirrors.aliyun.com/pypi/web/packages/7d/b7/75ce29211e9eb9b49a718b1e95593d3b51a64de160495c418933e3b9a6db/kestrel-lang-1.6.1.tar.gz
BuildArch:      noarch

Requires:       python3-pyyaml
Requires:       python3-lxml
Requires:       python3-pandas
Requires:       python3-requests
Requires:       python3-nest-asyncio
Requires:       python3-lark
Requires:       python3-pyarrow
Requires:       python3-docker
Requires:       python3-stix-shifter
Requires:       python3-stix-shifter-utils
Requires:       python3-firepit
Requires:       python3-typeguard

%description
Kestrel is a threat hunting language aiming to make cyber threat hunting *fast*
by providing a layer of abstraction to build reusable, composable, and
shareable hunt-flow.

`Try Kestrel in a cloud sandbox without install`_ (Blog: `Try Kestrel in a Cloud Sandbox`_).

Software developers write Python or Swift rather than machine code to quickly
turn business logic into applications. Threat hunters write Kestrel to quickly
turn threat hypotheses into hunt-flow.

We see threat hunting as an interactive procedure to create customized
intrusion detection systems on the fly, and hunt-flow is to hunts as
control-flow is to ordinary programs.

What does it mean to *hunt fast*?

- Do not write the same TTP pattern in different data source queries.
- Do not write one-time-use adapters to connect hunt steps.
- Do not waste your existing analytic scripts/programs in future hunts.
- Do construct your hunt-flow from smaller reusable hunt-flow.
- Do share your huntbook with your future self and your colleagues.
- Do get interactive feedback and revise hunt-flow on the fly.

%package -n python3-kestrel-lang
Summary:        Kestrel Threat Hunting Language
Provides:       python-kestrel-lang
BuildRequires:  python3-devel
BuildRequires:  python3-setuptools
BuildRequires:  python3-pip

%description -n python3-kestrel-lang
Kestrel is a threat hunting language aiming to make cyber threat hunting *fast*
by providing a layer of abstraction to build reusable, composable, and
shareable hunt-flow.

`Try Kestrel in a cloud sandbox without install`_ (Blog: `Try Kestrel in a Cloud Sandbox`_).

Software developers write Python or Swift rather than machine code to quickly
turn business logic into applications. Threat hunters write Kestrel to quickly
turn threat hypotheses into hunt-flow.

We see threat hunting as an interactive procedure to create customized
intrusion detection systems on the fly, and hunt-flow is to hunts as
control-flow is to ordinary programs.

What does it mean to *hunt fast*?

- Do not write the same TTP pattern in different data source queries.
- Do not write one-time-use adapters to connect hunt steps.
- Do not waste your existing analytic scripts/programs in future hunts.
- Do construct your hunt-flow from smaller reusable hunt-flow.
- Do share your huntbook with your future self and your colleagues.
- Do get interactive feedback and revise hunt-flow on the fly.

%package help
Summary:        Development documents and examples for kestrel-lang
Provides:       python3-kestrel-lang-doc

%description help
Kestrel is a threat hunting language aiming to make cyber threat hunting *fast*
by providing a layer of abstraction to build reusable, composable, and
shareable hunt-flow.

`Try Kestrel in a cloud sandbox without install`_ (Blog: `Try Kestrel in a Cloud Sandbox`_).

Software developers write Python or Swift rather than machine code to quickly
turn business logic into applications. Threat hunters write Kestrel to quickly
turn threat hypotheses into hunt-flow.

We see threat hunting as an interactive procedure to create customized
intrusion detection systems on the fly, and hunt-flow is to hunts as
control-flow is to ordinary programs.

What does it mean to *hunt fast*?

- Do not write the same TTP pattern in different data source queries.
- Do not write one-time-use adapters to connect hunt steps.
- Do not waste your existing analytic scripts/programs in future hunts.
- Do construct your hunt-flow from smaller reusable hunt-flow.
- Do share your huntbook with your future self and your colleagues.
- Do get interactive feedback and revise hunt-flow on the fly.

%prep
%autosetup -n kestrel-lang-1.6.1

%build
%py3_build

%install
%py3_install
# Copy any documentation and example directories shipped in the source tree
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
# Build the file lists consumed by the %files sections below
pushd %{buildroot}
if [ -d usr/lib ]; then
	find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
	find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
	find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
	find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
	find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .

%files -n python3-kestrel-lang -f filelist.lst
%dir %{python3_sitelib}/*

%files help -f doclist.lst
%{_docdir}/*

%changelog
* Fri Jun 09 2023 Python_Bot - 1.6.1-1
- Package Spec generated