Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixing conditions with multiple underscores and adding a working example for reference #41

Open
wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Fixing conditions with multiple underscores and adding a working example for reference #41

wants to merge 8 commits into from

Conversation

AdrielVelazquez
Copy link

@AdrielVelazquez AdrielVelazquez commented Feb 28, 2024
edited
Loading

Regex changes for multiple underscores

While testing the upstreams rules for SigmaHQ, conditions with multiple underscores failed the regex parser with

Upstream Rule

Error parsing rule 1:20: invalid token '*'
Found error 1:20: invalid token '*'

Specifically this condition from upstream

  condition: "all of selection_1_* or 1 of selection_other_*"

The following regex didn't properly catch when multiple underscores where used

|(?P<SearchIdentifierPattern>\*?[a-zA-Z_]+\*[a-zA-Z0-9_*]*)

Screenshot 2024-02-28 at 1 58 17 PM

But this new one now allows for the match to have any number of underscores before defining the regex pattern.

Additional Example

Added an examples directory as the provided example in the README.md was a little vague with sigma.Evalutator (which didn't work for me), and changed it to a working example as well.

Unittests

❯ go test
path ./testdata/
path testdata/TestMarshalRule-proc_creation_win_apt_chafer_mar18
path testdata/TestMarshalRule-proxy_apt40
path testdata/TestMarshalRule-zeek_smb_converted_win_susp_psexec
path testdata/TestParseConfig-sysmon
path testdata/TestParseRule-UpstreamSigmaRule
path testdata/TestParseRule-proc_creation_win_apt_chafer_mar18
path testdata/TestParseRule-proxy_apt40
path testdata/TestParseRule-zeek_smb_converted_win_susp_psexec
path testdata/UpstreamSigmaRule.rule.yml
path testdata/proc_creation_win_apt_chafer_mar18.rule.yml
path testdata/proxy_apt40.rule.yml
path testdata/sysmon.config.yml
path testdata/zeek_smb_converted_win_susp_psexec.rule.yml
PASS
ok  	github.com/bradleyjkemp/sigma-go	0.512s

bradleyjkemp
bradleyjkemp reviewed Feb 29, 2024
View reviewed changes
condition_parser.go
@@ -8,8 +8,8 @@ import (

var (
searchExprLexer = lexer.Must(lexer.Regexp(`(?P<Keyword>(?i)(1 of them)|(all of them)|(1 of)|(all of))` +
`|(?P<SearchIdentifierPattern>\*?[a-zA-Z_]+\*[a-zA-Z0-9_*]*)` +
`|(?P<SearchIdentifier>[a-zA-Z_][a-zA-Z0-9_]*)` +
`|(?P<SearchIdentifierPattern>\*?[a-zA-Z_]+(?:[a-zA-Z0-9_]*_)*[a-zA-Z0-9]*\*)` + // Adjusted pattern to catch multiple underscores which is present upstream
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This regex is tricky and unfortunately what's allowed here isn't actually defined in the spec: it's referred to as {search-identifier-pattern} but never actually defined https://github.com/SigmaHQ/sigma-specification/blob/main/Sigma_specification.md#condition

We don't want to allow plain *, but other than that we could just say any string containing a * and another character [a-zA-Z0-9_] is a SearchIdentifierPattern?

Copy link
Author

@AdrielVelazquez AdrielVelazquez Mar 1, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Interestingly, there are rules committed upstream that does support at least what's presented. Reading the rules more thoroughly, seems like there are possibilities for wildcards to be present anywhere in the string.

Matching is done with * wildcards (any number of characters) at arbitrary positions in the pattern.

So technically something like 1 of selection_*curl_* is allowed if I'm reading this correctly, which I don't think even the original pattern supports.

Also I added a new bash script that pulls ALL of the rules down, and verifies that the tests still run with all rules provided by SigmaHQ. For some reason just doing a regex that matched only what you suggested wasn't working as expected.

❯ go test
path ./testdata/
path testdata/TestMarshalRule-proc_creation_win_apt_chafer_mar18
path testdata/TestMarshalRule-proxy_apt40
path testdata/TestMarshalRule-zeek_smb_converted_win_susp_psexec
path testdata/TestParseConfig-sysmon
path testdata/TestParseRule-UpstreamSigmaRule
path testdata/TestParseRule-proc_creation_win_apt_chafer_mar18
path testdata/TestParseRule-proxy_apt40
path testdata/TestParseRule-zeek_smb_converted_win_susp_psexec
path testdata/UniqueCondition_00dd6763892aba9f2e493b6ef3f47523c45539e2bc64ded60fa72d9c67ed38b1.yml
path testdata/UniqueCondition_02b4ae2b31a9e72f2cb16d421325892c0370ee14acda6a431b1f2ee9a61bdb4a.yml
path testdata/UniqueCondition_02fcd90d661787dfcff6d3eabd77566af6dec602316753832ec9ddffbf047639.yml
path testdata/UniqueCondition_0398f8fb54c2dcde1175c210befe4408f38ebd3976f23259186632d8de10dfdf.yml
path testdata/UniqueCondition_03bc60850d3bf61ec260953a6149ae4e335996fd47f77d5ec2e1f775d8fa170a.yml
path testdata/UniqueCondition_03fb47ece61058e89e5140c43724d9c3d4f6cbddad0d986975b760294f7d17fc.yml
path testdata/UniqueCondition_04861ef6f05fd8be9f7b67dbd09290dcaccd1a5cda5bb1900a72b210c1627ed8.yml
path testdata/UniqueCondition_04d72b33980415a57cb46fd8e5bcddf5e6fc0667b0cb54617a132d992c3da52c.yml
path testdata/UniqueCondition_05120fa74e0810931f3691067f0ee6b459f265f695491e8c4561a81e4f929a98.yml
path testdata/UniqueCondition_05baa64afde331a0511ba8848ee9922be025e81f261cdef7a12eba43e07deefb.yml
path testdata/UniqueCondition_0787058d63399e0a8ddbf8687e3a1954e478d2317b61b566f4bcffb5389db9bf.yml
path testdata/UniqueCondition_07c159fd9aa300983b073ac5f22e25d9acbb301fe0d95e1e26edb16f815e4537.yml
path testdata/UniqueCondition_083adfead07a1f0b68b7670a41d4e1c3212532b924e6fc360b7166e934fac624.yml
path testdata/UniqueCondition_084d0ad187c23c99ffaa681a3c8da73c638b275731b56e27c62d569cdb24b18d.yml
path testdata/UniqueCondition_0966e5d117d52ee929ef653b1f08abac7cc70f67ca3884b215549d7438737628.yml
path testdata/UniqueCondition_0968b14905d394d0fbe92f92d77772fc4c7c69b45f93320d296fd75e817fe478.yml
path testdata/UniqueCondition_097c34c6fac8b4c4b75d9a37a61f42bb7a5b43145eb947a74a054be410b31108.yml
path testdata/UniqueCondition_09e2963d1ec0d2bf3d279db22bb392aa973c9f61d269f663b2e93510fe371121.yml
path testdata/UniqueCondition_0a522bac7d2da3161ad9ad6db010ffe477c78840fc7fce63b3bab06546935637.yml
path testdata/UniqueCondition_0a80c311a6aab017437284da5320b58c6aea90cada407b8cd9a8a1b01fe22adc.yml
path testdata/UniqueCondition_0ee681622e89695d9bcba2e675741b6fcaf203e8a78e66c244aa50430879cd4d.yml
path testdata/UniqueCondition_0f09c032807229b1a04177268c6a9ef9ffd9550dd35272e55b5a9ca1f320131c.yml
path testdata/UniqueCondition_0fa9e52d03e3b61a5902176be3a125cf04eb14dc5120770192d75da8be6451fc.yml
path testdata/UniqueCondition_11110517c3fcded8f686d141c924f2ea794b62e82819d039652df19720f20b8f.yml
path testdata/UniqueCondition_111d63974a775768064740bc8b62d437e095113a8f3145851b2adff36bf8a27c.yml
path testdata/UniqueCondition_1153c4100188eec45e0a429f462a40ccccc112c6dc5b0568e2bf6d24b0f4bd06.yml
path testdata/UniqueCondition_121fd599645f15e025ea65f6d398f63ab8bf1904c29568ba93c31e1d3e5fbce3.yml
path testdata/UniqueCondition_13410f5c70ebde0d6278a9673cc3c1baeea11a7f4a47e436cc750749c78fb7ca.yml
path testdata/UniqueCondition_13506fd36925c21a517a31b9bbe546ffb98d7a50d6b03947c01fada1d5ab5bd3.yml
path testdata/UniqueCondition_157a108a94b930f66aa8d83f7c045464cd2e78d19cebb4415e285735adaa35da.yml
path testdata/UniqueCondition_1695f2c2eee89457b4ffdbde309c016c4d9ce22b40d9255909d51be2a62fc1f9.yml
path testdata/UniqueCondition_1711a77db95e1c321216856770982d0a5bd6c60a13031e44b65adf6553b09d62.yml
path testdata/UniqueCondition_17f92a1706d1c6a5e421b6b6c4b0d0c4711d5079964c6ec56cbef82c4a7de5e3.yml
path testdata/UniqueCondition_183e8d2a187552d6ad2cf15a4d38cdf09da3bb716c6c755426c3916813be97e3.yml
path testdata/UniqueCondition_187c39949d7c8529f6c7a68ca9f61f71e4a3111dfaa2462370b23e9dad9cf3cb.yml
path testdata/UniqueCondition_1942d150e5b69a04816818018d062470c242ad7ce3b6f7680e7436fc73ca5f2e.yml
path testdata/UniqueCondition_1aca815ad5aebfe52ef044dcaaf49b64c6d56d9b237a5aeffe0346a78d95491b.yml
path testdata/UniqueCondition_1af10f896ffb64b212efde99e181f93e4d0d79a0ed9d303c4af24ae170969e57.yml
path testdata/UniqueCondition_1b5b1d95b903eb17e62318648ab380f8efe3ee13731e07c27f7897deac8f88eb.yml
path testdata/UniqueCondition_1b623b318f6c18a10a35706724edbd6ff4bdfb660de530f11b6ce40d768cc07f.yml
path testdata/UniqueCondition_1cde61ff88afea9e4583456a89bb1cc975220c22ebc122233b304c302dfcb386.yml
path testdata/UniqueCondition_1d2b5b11c1fc4887a9534bc4e95998e4d28896167600aff7839752885953540e.yml
path testdata/UniqueCondition_1e2efc70daf4e96a6edba2a128d7bb058ca2bab7597aaae97161d75f768247e2.yml
path testdata/UniqueCondition_1e326176f52974b112977a4b96605309834186a8399e9007446a3b2177a27112.yml
path testdata/UniqueCondition_1eb073d981eeb10d6cde62bc224d66aadecc78e9ad3cfea483f12db5f6b97c0b.yml
path testdata/UniqueCondition_20f8eacecf812465fc82a461bb72da561a522dd60d57193cf4c8b7b934aa2395.yml
path testdata/UniqueCondition_22345fbd2f5f0bc2b81e58cc7c8c61228a1e2ef419225b6d01491f30bfc8750d.yml
path testdata/UniqueCondition_228b1a0447d32a81820ba40fae4b9d33f1433f29ba02ca61138f27d841fba610.yml
path testdata/UniqueCondition_228b6d01fce0e92c273ff7a34ec329e06296adf38ebef9a0fe5d1568b6b3367e.yml
path testdata/UniqueCondition_244ef9ccd73c7157f1f720a92837b0dc62c897ee776cbcd610e2a94414d9ed78.yml
path testdata/UniqueCondition_249c26641e42a299a86b196192db0482d8c31cfb59100b83f52af695e0ecd225.yml
path testdata/UniqueCondition_24ed27a6d6964d8912921b99e49b406682b061520ff13af7f82feb8275abe93a.yml
path testdata/UniqueCondition_25e47fd01880c434f50a445d95763c1d73c2ad3734e2bc76bee4d45bd03cac06.yml
path testdata/UniqueCondition_26133919931a8afd71722ac0fb679b55f540af5fa99a241853444f5a99f162a7.yml
path testdata/UniqueCondition_271d82e4e854d9a5b5d0c993833aef8b036c1cae869632e8daeebdf398fd7b94.yml
path testdata/UniqueCondition_278905cbfe26715be87f469f00bde3c560c5190a087874a20fd2f8f9bc23613e.yml
path testdata/UniqueCondition_2807ef7d147964fb134bbce777c4bf716df6f70e30c0e2f5c704b52810ea0f9b.yml
path testdata/UniqueCondition_283e593ba6f7582719a0293a2463548dcfdcb09c6bc6a7af594b9a460b590103.yml
path testdata/UniqueCondition_2aab9af343decbea811a3350b122aae2b3bcb5a04f2496982def19617e8fa4aa.yml
path testdata/UniqueCondition_2b9020b2038df4f2783a21911663147b8a6832b96085b4729ab559ccd4e7e33d.yml
path testdata/UniqueCondition_2bb9b9b5c8cda736d6aabce91d830c1ba749eb352ad74bdf3574796f97b64542.yml
path testdata/UniqueCondition_2c9109c67d431ea3b85ba19acfe93db1365d99e3a59372673af4bc8c75f4642f.yml
path testdata/UniqueCondition_2d8636c628b4a86885bd1020b5a854900a619b1eaa22b837117162c147278762.yml
path testdata/UniqueCondition_2e4348ab0ea2a97afc05fd9e21a965c2924c91edd82e8638a1ef19b033fd47e4.yml
path testdata/UniqueCondition_2eb254f95069ddb0408aaf3e22816c618b22af08941f2d328ad9c769a8ce8e59.yml
path testdata/UniqueCondition_30975f70702b96818ea00de673f81924f9944abea70748937096e0fa9bb87e6d.yml
path testdata/UniqueCondition_32562a405c5e62e7fe88722eea2085eb0bbcc1f6360fba8b60f013b1bae20075.yml
path testdata/UniqueCondition_335f23c130d2af441bfaa16dae246959cf511a11a5aa0f072e635e4a8a6230f7.yml
path testdata/UniqueCondition_346ea963ceb0f4d2f983b8bd8756dc57de2c76956665649376aa5b78241a8f5b.yml
path testdata/UniqueCondition_34ae2d7549e4175e9bebccdce2c84abd049f25b43736013d62d899efe28b0a04.yml
path testdata/UniqueCondition_35a225f885375ed05ba40db621996f8d4d75679fa87c8a2ac847840904c71010.yml
path testdata/UniqueCondition_363014131531ffa433130b6454c74c7e18f72e55c7df1983922f67dbecdb3576.yml
path testdata/UniqueCondition_3642cf42a050001523218e2c620cd1147f02fb40d46215fe904ae7046b7caacf.yml
path testdata/UniqueCondition_36c0c5ada8ef96fca0e8320620a880d155fb445b0cc51a6ee5565c4a7d0bcdae.yml
path testdata/UniqueCondition_3706f75ac1b0c8594b034852da7e2cb0abe72b99cb868c7b5a401802daec498f.yml
path testdata/UniqueCondition_381c148ab2f39186be02e1ebb2955e7ce8ca7c73592e65369fbc38891eff0a13.yml
path testdata/UniqueCondition_38a2e9da3dd82b09dc7ac7e77bba37bfe17a34227cc51593a1e609cb94e7a94b.yml
path testdata/UniqueCondition_397c254bd738d2b0288269a2c3a2f3fd0c9b769c737e3eeade4f3cc1ab8fd0ee.yml
path testdata/UniqueCondition_3aa27b68329bbc1e3783569d5e34411e72d235e2d978d3958e7da23cff22e47d.yml
path testdata/UniqueCondition_3b1fbb051c972e8c141c5a6a834c71f715990d75a88bece191583eec17ea8352.yml
path testdata/UniqueCondition_3e54931ac5950c194e5e7d0eb8ebe92cdf209f7954fe276253c59b17c713a0de.yml
path testdata/UniqueCondition_3ece316eaef9a8c6354ecab5f248c4668440f7e5660042bd54c34a82fb2900b0.yml
path testdata/UniqueCondition_3f27482e5b7897eda712cc5feaf225c4adad5832a0dbfde9d1afcbedc1114293.yml
path testdata/UniqueCondition_40e001eb6450b3351b747a03c36d5203a0191fcd7b401b429f2266eae22382be.yml
path testdata/UniqueCondition_41c8c0d36fde7d9f30b7f08a7772b8960ccaca4b599970d3675a2a36bba1f7b8.yml
path testdata/UniqueCondition_427ca7e844c58f8079f6ffa9475031bc4fedd5a22f14aea2982458fad8b548e7.yml
path testdata/UniqueCondition_4310382339d322f64e3b0e8d5460915595b0642f34f15741376ad8e7867e501a.yml
path testdata/UniqueCondition_431df50534aa4d7d18527cd5a906e5d67847c288e9cee223a4f133bc2069376b.yml
path testdata/UniqueCondition_43d78ac9bc654006065e78519644d4a661330074ddab1160fa76629f090c0aa1.yml
path testdata/UniqueCondition_464352fa6eaea5bde0220dcc817530de79918e0c419c99d69eedf070f2602882.yml
path testdata/UniqueCondition_464f465d5909cba03bad8d8c1b814b3c8c7621506d413b88e5304bc387002d9d.yml
path testdata/UniqueCondition_4701e3538a96a2655884f8d1d38a1f3a12c9e499c44ecb79328e7f1c54cde71e.yml
path testdata/UniqueCondition_4891708c2e733af183e1fe0f1dc4ac95cb3cbfa03f2bcdde7df32235158ab57c.yml
path testdata/UniqueCondition_497a9779ab9ec7dedb7514aec753ce2bbf79c757199950f067175702a5c4dc2c.yml
path testdata/UniqueCondition_49b10544246eb447c10d0219d08f7301d6c865ed6ea2a774cd18b349e7c51e5e.yml
path testdata/UniqueCondition_4a945d82e00e6706f334bb3baa7e0271be803e12b01ac6ced187da13edcdd259.yml
path testdata/UniqueCondition_4bb1f371f6f2ec5122ca08f5aa4ab7871fb3c19f74d62cb5cb600a0db26cf633.yml
path testdata/UniqueCondition_4bb91d7766a25e95a0860b719d10dc057b39a1b72170954f0b6ff900bdcc7c05.yml
path testdata/UniqueCondition_4cf0ee0e733d448e1d376252d4d51a279b51c048c63fda8af23a53f92608ccef.yml
path testdata/UniqueCondition_4d519fcd00ee8f55ee32cb8c508cbb6e26744e637cb3d4519714765df5a6ace2.yml
path testdata/UniqueCondition_4de77aab0111971629802003060d605f8c5b053aae00fadcfe1d9554dece927f.yml
path testdata/UniqueCondition_501b147a700aecd551aed34a8e7cef87026f1d55077da3ac01fb16c18bfa4929.yml
path testdata/UniqueCondition_50503f1d6cd7d5ed3c5ce2f18a87d134db10ebe923da9cab7b388ccd87bba36a.yml
path testdata/UniqueCondition_50577bc30d513783cf2ff4b422b8c12fb7c02d3968437e468e1fc709addf8b4c.yml
path testdata/UniqueCondition_508f7584470d1b7ccbb0fd4af9a0ce3b7859f56572738ed1b759c238b1cda8d0.yml
path testdata/UniqueCondition_513cff6671cda9af556445c5d0c6809388ce68d085966636af9a02cb589684c7.yml
path testdata/UniqueCondition_5179784fa7372115ad4029af37aa491f8d0c50290584b3df9f0a614242147d6f.yml
path testdata/UniqueCondition_51b7ea0f1d6197df2f74921b7d7ed4e3ff39ec87c6a8bcb102d3d149338f226d.yml
path testdata/UniqueCondition_5334fc936bae341dd7a1b01e410a87003bd571bb878198bc518c48d7a86a606a.yml
path testdata/UniqueCondition_53410db4bc432f22aead5f5874cf0ca11d2a1170a9346b5564b18ee83e8cc697.yml
path testdata/UniqueCondition_53ee04f250af1537670bae86085d6c8edef532423f494df8187c1cbe2950a2d4.yml
path testdata/UniqueCondition_5480be43c0c3c4a4711d464fcf9b366c3ac7121359dd2998dc817e1036b60cac.yml
path testdata/UniqueCondition_54c2f1505634242f9dcc1aa82720147bb6411b6c5383c454f01fc8bd884b537e.yml
path testdata/UniqueCondition_563a89a0c48f397fa7fff74be7a14ddee7bb6ca5b3a2c31feed6c2b49cf655ee.yml
path testdata/UniqueCondition_5783ed066aacccbd7d16f62327c13c088b12384f9070866095b7c699d275c2ed.yml
path testdata/UniqueCondition_595ff7dc91007cde4a8d275097a677e57b8d45b4eda570168ee9232c8605bd02.yml
path testdata/UniqueCondition_59e11f995a2daa3cb4a2ff2b2b3baac8775d0e056932b20803fed1a30a143f28.yml
path testdata/UniqueCondition_5b1e515cea55b6e25cb76fee14f341e709a2d5ddc6a4819a29a39cdf182df2b6.yml
path testdata/UniqueCondition_5b9c75f9a2ff4d978283773ff7f6dd67ea81b3fb6b801f5a0ff31bd56cd5ee69.yml
path testdata/UniqueCondition_5cae0bc84249eb00273d3f9fc5d0af0883ca2dc9f71f1228df9256da1c079cfd.yml
path testdata/UniqueCondition_5d0d68a3aaa72f334580ef53ade4f1ba75bdd083cbb2f4e495746ee5bce516c6.yml
path testdata/UniqueCondition_5ec8c3ec62b89a42c21026ab3ce82a9716a21d320132299cbeec44221ec22af9.yml
path testdata/UniqueCondition_5ef86aba7abd1b10dc5c2d6146da27f169868d829161f12d37886f5e7e3a6afc.yml
path testdata/UniqueCondition_6020a384a69790aea211904f520e294908c1854558131798c97ff2906cf6dad3.yml
path testdata/UniqueCondition_616bce3fc7f5d754e70f6f1d744cfab018815756e18e2055a0885fc3a2c9233b.yml
path testdata/UniqueCondition_62a150637e2218967db4e01ea9ad47e373b032c8b9851a7f1526bee1abb19bf1.yml
path testdata/UniqueCondition_63413a7c5a51bbc6f80f66494abee9e1feb5969f1af195054c06de7b35af0f85.yml
path testdata/UniqueCondition_65045134064dd4d905665eceaf4153fea4f9d69d2ae22255a0b7cef4701f4886.yml
path testdata/UniqueCondition_6737b70fae9feb76d6c49e43152eac03a875e61b3aa6becbba7ddd9cc657e69a.yml
path testdata/UniqueCondition_67990b57509377d824b1d58fdbc0386fd18a33418bd9c5e93557e02cfa3057f9.yml
path testdata/UniqueCondition_67de0d1080d64e93b9f30195bdd0632edfbb9ca18074efc4a2ffcd954d10ba40.yml
path testdata/UniqueCondition_6927b7cd5db0d2e0cca44fac57532108511da2ee338d88fa170045dddf934567.yml
path testdata/UniqueCondition_69b7dbe3d85a0a04249ec87578531a6db999b60dc3dda2b891d9620a7dd7625b.yml
path testdata/UniqueCondition_6a21e5d96df3e2fa625980b51ecff788caff9d23c98ab6875d1782f7009c699f.yml
path testdata/UniqueCondition_6a28d31b7c1a2de766dd48396546975f6c8495fd3d57332f43a12ae60e1b8e5f.yml
path testdata/UniqueCondition_6d8db6fdbedd6a755283130abde609fea39b95d29bfd62f2c08976962fe2b786.yml
path testdata/UniqueCondition_6dc6e556bc4cd41842ee74d7242185ea3b3a257d5aea33719efc2bf52fa28247.yml
path testdata/UniqueCondition_6dc6edaea5c0db1fa424979a544ca2f7788adca61a4b4ae3eb0533896a7c1d00.yml
path testdata/UniqueCondition_6dcc3448763d9c88fd3b7441568514bd5cb25128151d5231ee47a890df3a6b33.yml
path testdata/UniqueCondition_6e53f75d840d2d4fa0c1759a8726c9302003390c7549ec75567edd9b0e3f0862.yml
path testdata/UniqueCondition_6e67b91fb7c8f6e6c337475bc846c2a3ce94e4384146e715ae1fb272c8be63ee.yml
path testdata/UniqueCondition_6ee06b4b686af437cdf70a58d2fc8f5d9ba6b363075fc6b1303414c31776aaa2.yml
path testdata/UniqueCondition_6f2e31e609c3c145612e6bc6ace3decaa796751089e746faec59814dc33d0a4c.yml
path testdata/UniqueCondition_6f730070b97878d11209889d294d529cd29c5b85547cf25c23adce8872c6e996.yml
path testdata/UniqueCondition_6f8da8ef80094c4f0b63e3477433b727e8be35c8bc1e502f3b713a8c2690b87c.yml
path testdata/UniqueCondition_70b46894534b5368f7678b8a5993f362ce6269b8501bd68ed17cc3f9292c67f7.yml
path testdata/UniqueCondition_71040a2c94201de69b9c1ac8e0484636dad732aea205c28ef367d8e8d616ad46.yml
path testdata/UniqueCondition_712ffe0ce7e0809a157987e660ce3dd3aa4ecde0165c313570da22c63395a073.yml
path testdata/UniqueCondition_71ab1a8cfa35982d177b28334bf41e11b9aba09dfde66a8700b9dda012f66501.yml
path testdata/UniqueCondition_71e0ae9fa8979f7af4472807508d07b837a0ed33d39d2740324fbea256c89d36.yml
path testdata/UniqueCondition_71f1cab14454aba7c5a83f6224837e832c891f4c14daf2e254d97c70559fdd47.yml
path testdata/UniqueCondition_7226a6245498ca1cbd9abccb01406e8920de8d6c581c7bb599eaa2a578c4ff06.yml
path testdata/UniqueCondition_7264c36e9981a33d7e66a17291a5a13454676f838c886336b6c8120cee16bbb9.yml
path testdata/UniqueCondition_7286c3e7e64dc2b9659c0e0f71be530fc6a3813b1d709f4d90242bb4320b3032.yml
path testdata/UniqueCondition_733764f30207595099a909074a1193829010280fcf606607bcd37963b711671e.yml
path testdata/UniqueCondition_735f4f913eeec7700691693c5279c7f9f6b0a144802d460214e1d9dbd36bb91c.yml
path testdata/UniqueCondition_739df08647ac1e02f68b080761e87813c75eeacdb6e0c6b43f986f02768aa284.yml
path testdata/UniqueCondition_74daa624d3b431e2852723ff877374c8b7e9d71e8abe98920366b976a5ca4745.yml
path testdata/UniqueCondition_754e36943bf118f66f90dae45127e9024f49495d1416cbe4e1ade3acf856151c.yml
path testdata/UniqueCondition_77eb811eb226c81225c06c609f8bc4e7893f1fc39617bfb7fcec5f0c7ef1b2ed.yml
path testdata/UniqueCondition_78c2a086459358789baec3cb850b0a056dc0315cca8d14a6c9f0f8e54ed18574.yml
path testdata/UniqueCondition_78c88fb7a612476e55a3014aa38b98a12207ed2f7d6b3117d169b12ebcbe5019.yml
path testdata/UniqueCondition_79b0a6238ad11210325cb29fb1b9c3ab373fd60ae6211290991483747337f4c3.yml
path testdata/UniqueCondition_79b45076e355d490274969a76fcfd181c7df1813fd74ac303964bcda141e702f.yml
path testdata/UniqueCondition_7c54ddd1af740f75f075036975255d0504d198f47d9e4acacbb3b42df817639f.yml
path testdata/UniqueCondition_7cc28e55032e5f32c1829c10cd0e5276528c16a152b66144046e78ae584bd75c.yml
path testdata/UniqueCondition_7d7e54be1cf2c11aad13e6b242c0a2b41b35481e8ebbd5cd33e8ce414b8246c9.yml
path testdata/UniqueCondition_7e45557de5300e0ae66e95ff18c6c4e120e3d9d8b95b3c13b40da5719c6df6cc.yml
path testdata/UniqueCondition_7f591cf25ec0077fdbc9621dc674233ad386f16ddbd46cee1571f494c0c8edb9.yml
path testdata/UniqueCondition_7f8647c7543a8c3df2d1320a061b4083cac7b03b2cd1345bbb793dd39e950786.yml
path testdata/UniqueCondition_7fb5f06ca941f9e8f63a309c338e6006eec1db6b7cc84b20d45d052571ad6cf1.yml
path testdata/UniqueCondition_80a00af61e2aabc635be82c231482521ba26c370cfeb25de130e9ff4a07548fb.yml
path testdata/UniqueCondition_80b5ea0da8693ae134b4f38a983950bc41a7d5aaacc92e71df66e87d977095ef.yml
path testdata/UniqueCondition_81a4c273918fd28bdb981f211adf648d02c2dfb0798d8d83f84c5fad47bae8e0.yml
path testdata/UniqueCondition_821171c5b9929d4c53fa5305170c60046cd508e337b9fe21ce28b7f89c30492d.yml
path testdata/UniqueCondition_825bd63b6eda0f1e30ae3ea54f8dbbb4d5ad7af205505479403d7f493742e8cc.yml
path testdata/UniqueCondition_825d40e7f6dc9546cbfa762518f921e24dec30a1b69b6a0dda9ce0842e497b12.yml
path testdata/UniqueCondition_82699bb445576389c0a3064ba720d69b68ad2fd56a9d506b8520577d6bcf507a.yml
path testdata/UniqueCondition_839d7e7e3ada6d404aa8ce90419e6a1674533a84e7186eed31cf6c1eeb8ee6e4.yml
path testdata/UniqueCondition_847529af9d7e34de2f54d3a4ab0960056093a8c7df5d1d6d8e50a4fdd529f3d1.yml
path testdata/UniqueCondition_87a37bfe06cb2c3b2ebc282e8572d9b0881cd7b6184bd13a5a5b6af9de66c53a.yml
path testdata/UniqueCondition_87a9c3719d17ba9cd81f7a08fc0d862b2e14a1a95e12569271cb44a9d5b12421.yml
path testdata/UniqueCondition_89aa2ff35190ce211de769ead4d96d71623776b20b202b2fa0ef8be4928a3eba.yml
path testdata/UniqueCondition_8b0b023cc4dca65e0df17d004b2fe2bbf23ba666d1e7bd43748b7c84e0ff2985.yml
path testdata/UniqueCondition_8b5c8a876d7896adad31bde115b1427c46f92331cdc5f9847e376c547595dc15.yml
path testdata/UniqueCondition_8c002abe51cc5a96c403b5c82bdd55212199597fae9284be6f5aacfc24cff0f1.yml
path testdata/UniqueCondition_906c4041bec20ddf270c34cf706894a6db09adf05f145c13c9874194d0efd836.yml
path testdata/UniqueCondition_90bf0702a4fed932d3a423887af9873122e8109aff839bb8e0547a7bab60c8bd.yml
path testdata/UniqueCondition_9174746904070995a66153b60d584d675928d5afdf9c248dd4db37bfe44698d7.yml
path testdata/UniqueCondition_91f8cf48ad57caf5134c33597b275ae2a7a3ea50b02f42a0c2e1798e655cfbae.yml
path testdata/UniqueCondition_9259ebc6be6c22d461be64b47382445bf058eec41ba1609e926468d6cc209489.yml
path testdata/UniqueCondition_952c0d6e8cc9fefe32743fed462066f4e1520d28b11c4b19113781f4ca9fc815.yml
path testdata/UniqueCondition_963a6f02352bc627f8bd2046f19b74d634941e95269a54a4740c932ea18f0001.yml
path testdata/UniqueCondition_96d89ae55d054d87a4d530920ea6725af8e913c05cb43104df2554eb7bb29b0b.yml
path testdata/UniqueCondition_96ed9294b8eb98a82c66dc43e01e157ac563df7a785f2d0826daf28d03a43f05.yml
path testdata/UniqueCondition_985bb6a6e791b8003a298c56cc26537b862e053123c102665e63fe7d387d83e0.yml
path testdata/UniqueCondition_98645b4005090596bd9c7cba7d5829fa1ad14a703145cbd9a1ca2dd28accb15b.yml
path testdata/UniqueCondition_993357c33b745c750c37b374c0915ff3455977b4bad2341d21d1bbdad6e4c85a.yml
path testdata/UniqueCondition_99df97a285ab6467d2ddaea09c95b0dbd5e42b472e7f54e111cc8055d19c2c25.yml
path testdata/UniqueCondition_9a1c934f0e556df3ff8c65b1763c6ea6cc14701d9c2ec6302a652950068d6425.yml
path testdata/UniqueCondition_9ad02bff3a0c58f4d2d20044abf2e69728b18a198fd7d4abadc8d610c55bb174.yml
path testdata/UniqueCondition_9b0fc2e88c10df55643b31b18bd3725f497e98dd1d9e4c0388f2ed2879d899ec.yml
path testdata/UniqueCondition_9d7ab05881ceae8bab73c2acfd78ed68f6cd3b296c25359153e3aa10f28a1d29.yml
path testdata/UniqueCondition_9f183b40bd05189c947a82d5e332e79b2f1730679e1d329ba1804be331a77a38.yml
path testdata/UniqueCondition_a03616cbff7b1352115c8996c13cd28e2bdc3abbda0e0e3b3bd3af319cd19b6b.yml
path testdata/UniqueCondition_a056f93c6ba3684221bcd99e99ed844638dfedaf8b00ac727b112f0174b7460a.yml
path testdata/UniqueCondition_a120d2321995149b1ee4aa3b49355dc4e04eb6c32e216f08e9b2bd152c0b62bf.yml
path testdata/UniqueCondition_a17cd0ca07b5c2926b2b892c1f4a90df300c12cbbe0e96d1e5e91741ccdb5278.yml
path testdata/UniqueCondition_a28ac460f673e7676c99f24734f99f8b0da09ff41b90dbd1a008f461e90ed61d.yml
path testdata/UniqueCondition_a29aa74ebbe00fb617b2914d98e432c23ef1966b94bdfa58681d7aa0a1f04502.yml
path testdata/UniqueCondition_a54c5312ca3dbb0f063396db5121e3fa0693a07c38a1fcf8f9e106c72a82714e.yml
path testdata/UniqueCondition_a70faaa2cbadf79bcda32e1323a43e9904bb53cdf95f76c0259c642ec88eb252.yml
path testdata/UniqueCondition_a7eb4eb004d7dd5a20dbe84d2d3822326155ab3d87770170119f84c92a720449.yml
path testdata/UniqueCondition_a887ac0ff8639a97749c608fca522e0a6a4237d8fcfd929ddfca1bc0609c3fa5.yml
path testdata/UniqueCondition_a92e8b3f7a66bf329e174de166740ae9bf4c24752e8715504c922c12bd9b0ece.yml
path testdata/UniqueCondition_a9cc8c7877dd4e4ac98e50c6c678af4f234509ee64b6c49b82bb63a99fd98a99.yml
path testdata/UniqueCondition_aa23252e5cc23a94e9971e6b5848dd02bde1eb56eb1a59459b5d70e481ee1f1e.yml
path testdata/UniqueCondition_ac243cb53fc6845421f4c8c68e4f8a105cb1c5fbb5592f1653d28b588c8773b8.yml
path testdata/UniqueCondition_ad4baa531f89fffb38968dbd895ae1e35127caa91d0d23ecbd59e345b2e6ecfe.yml
path testdata/UniqueCondition_ade280a0b58fb7fe454a39b26f3a5cb84880cc00a411bff9de409059e06ee80a.yml
path testdata/UniqueCondition_ae2beae940f497714f7cf581465a138ad03200fae7f2cc5b0d3bd9cb6ba66017.yml
path testdata/UniqueCondition_ae6bee1d88c9edc6a7c3716cf53d4bc2324541c417c2569ce5fcdc70fc2f34e9.yml
path testdata/UniqueCondition_ae73d074223517bb5a77c43f8bc5accf69bd43363f9a0305225559d55ccd6e96.yml
path testdata/UniqueCondition_af964d493ac28fa9426f393b1713cdd9d2859cbeb4783781ac6566dbc36b5dd7.yml
path testdata/UniqueCondition_b14db4d3b124559474dffde89601db9d6c055f1b478b6ece4966df7325b3345d.yml
path testdata/UniqueCondition_b1d8ed6cfe1386d84e30f703cbb5e1ee6ee9759f4fc878ec4ff5175b08471ec4.yml
path testdata/UniqueCondition_b43e40744e015b270c40a3c0759c53c1a9779ad484a20d82a9032291818ccfd1.yml
path testdata/UniqueCondition_b5034b0c7daa63ddd8e43def61590a553d037b80331d535ae62a96598ed469e1.yml
path testdata/UniqueCondition_b5776430ec7421f8e9d410ceb0f96af0ad3dad2b8e413690ad33f0d5f5914fe2.yml
path testdata/UniqueCondition_b6dd56367291e523125bf9b6bf319dcd4f5abf50f579b893c5eb79644d4de76f.yml
path testdata/UniqueCondition_b765004466d0746dd988a3393bc748e543f7c92e763a1d81ef91e1ac46499fbf.yml
path testdata/UniqueCondition_b790508d0b510d6fc956d0f4cb0d70ac00123026cc4dda4dc8c649c2d2f1ed6e.yml
path testdata/UniqueCondition_b84356ce57e751420b645201da8428573e60a80bbaed20beaa254d44d771906a.yml
path testdata/UniqueCondition_b849d628ea02defa85133c3c146e76f7b33dc3b18f1cb89de116cb2bf144666d.yml
path testdata/UniqueCondition_b956c07d24d4396218c01984d35c5a00481fd803af0e7c3917d0d5775448e5ab.yml
path testdata/UniqueCondition_ba20f76451aba07bc62ab52572904f452a5693f462fd7ed7056747d7480574c3.yml
path testdata/UniqueCondition_ba67b7c7dab175b29975e5d6cd8801b81334a9b1eaaa51cec29230fdaea4e0e9.yml
path testdata/UniqueCondition_baf2ca75107db888732ed65b1ce7737ae56f8cbbad59b48eb0a5ab0e2b82d1c6.yml
path testdata/UniqueCondition_baf61ff7ec73fcb1ab447e5b758782abf91b13b79abf1dc9600bc2740274a08c.yml
path testdata/UniqueCondition_bb145be51563adf6028b7266711fbd4263715c7286d3d47e6bb2a910b71a4b12.yml
path testdata/UniqueCondition_bccd1da53f00e1cab95f541d472eb20cbf195d06c1ac6bc39c248cdb23af8d61.yml
path testdata/UniqueCondition_bd6345bcc715b4512ebdb2e6f57e9daa8a33d309d76584d58bd4e88a46125c95.yml
path testdata/UniqueCondition_bfcb6d0b2d6f9ad07a9f1064b1c095305e71355e2bbae844f5bf8fb046def8d0.yml
path testdata/UniqueCondition_c1367cde61f3bfbbf83ea05140c405aea222265491cb174ffe6c2f43ea2b934a.yml
path testdata/UniqueCondition_c26efca3a5d6572b4c3fc90290b8518c406468adb5c1f8e90cfd07392450ab13.yml
path testdata/UniqueCondition_c3c9c8921feba5bd7165d94234bbb67ce9bddcc1cf7309ba1414b0062c5b3ffe.yml
path testdata/UniqueCondition_c43bd6c8fa377b7408c3472495199f7c91fbfb1b225257b3c67c508427e3881c.yml
path testdata/UniqueCondition_c69464ce10fedb2aacc427ffd74c64d9f0d389891b49db4000f80dc3e9ad9e95.yml
path testdata/UniqueCondition_c6a768198f2ddecd7da9ad4c458dc0d62ae8af8305c546cd379ca37fb39e63b0.yml
path testdata/UniqueCondition_c7491f75f064e3d08209b8752a94d38e972190ea5199b3f5675a1cec0e65bdaa.yml
path testdata/UniqueCondition_c7794eeb149d3056755e292623bfa939e721460ce853ef86cd08d850953d83a2.yml
path testdata/UniqueCondition_c8261fb2a7b1cf48271f33de9c696aef0cbc67e928b303720173dc9e0f0a2b5a.yml
path testdata/UniqueCondition_ca7bc9e3b82c2434d68e73b2bb4424bbd5a6c479477a25f8bb2a285d6932e2f6.yml
path testdata/UniqueCondition_cc52e7cbb51f04be01b8cd8aad62b38d5dea1f793533425d948aec7f2400c276.yml
path testdata/UniqueCondition_cc7a66474032021e16e7948bd3290dead3a383f8bd5c8876a96a7eb45305ebd8.yml
path testdata/UniqueCondition_cd1b0038c03d5f6e0670a0c091571639713b9475764654d39e83c05240e6c6fb.yml
path testdata/UniqueCondition_cd7717bd6d477ba5ad31d20830ddd7dc0b579b576f8227c3d61d5af54055dbfa.yml
path testdata/UniqueCondition_cdff83464d5d5b13f6469d7156197e51cea87d71f72307ecaa6168fb93f796fa.yml
path testdata/UniqueCondition_ce7e321ccc92a5df72433aa33a7d022fa2f945667b3db4bc211260922aeee51b.yml
path testdata/UniqueCondition_cf74083c55ed2112f41e85caace6c5e3c29c6ad69995dc1d28431f8972ec20ee.yml
path testdata/UniqueCondition_d084f43b8322aa2c283076671cff45d45306dcc87f81649a37814c1e91e73688.yml
path testdata/UniqueCondition_d1db871af932545461054f039363e0e1cacf6e73cb1d90ea084d51cc24d731a0.yml
path testdata/UniqueCondition_d2e35f48d7357cde3a30b34e292a988b58534c2400f7968164922375e4d2c0fa.yml
path testdata/UniqueCondition_d39960117cdfd912c38355343102fbc7e3eb23947bf3ee19012d1e535bc10069.yml
path testdata/UniqueCondition_d3b3c8b895b3b047ffb84ae32d8d96954cd31150c187f1588e8bb6774fc9918d.yml
path testdata/UniqueCondition_d457552eb2b467f005e16b9c962f3021d031f3f2f16439c1130cf258d5353a64.yml
path testdata/UniqueCondition_d5b2a3b83339bd0f4e61019f7471b343f2a1989afbe6220a66c150a4ed322c1b.yml
path testdata/UniqueCondition_d609e8e44dcfc577551a86af6241762851998a2ba179e5c22511613ff39c7ddb.yml
path testdata/UniqueCondition_d683983162bb24a8e018e4c9d2724279fd1fe5d2265805a48e04b796757aef4c.yml
path testdata/UniqueCondition_d8897311a0cbda12f5f1907c0ee2c977dc1e8fdf3e83759bfc78fc8ebdb5d0af.yml
path testdata/UniqueCondition_d88b50ee1255dcfb4041182c3a7f49fef9b1cb3d414f600e51cc558fdb45e42b.yml
path testdata/UniqueCondition_d8def556d84f9bc2e88a43a27634e12e17a9a60390420dfb75565d709c2567b7.yml
path testdata/UniqueCondition_d8fcc5fccdd91c9940b6f60ea766d7544bfaaaa98c4deb69ca9bda8c62ea2ced.yml
path testdata/UniqueCondition_dcc3cec6774862582bc29a544aa9b9fb7647229f68aa0ab6166d155ffc619a41.yml
path testdata/UniqueCondition_dd1c2f4ecc8e68ba72939feffafa6c1d3494267da6f62644a89d87aefe63c6f5.yml
path testdata/UniqueCondition_de3769059027e199c8d705d54563a2fc84f8684f1088c556dc99986ab5c7383b.yml
path testdata/UniqueCondition_de7b368fcedfe573da026a573c7a239dbb84b38e101bd686a1f77f5709f299b0.yml
path testdata/UniqueCondition_df2f5a48f5fb7b705c5476d78cf15c83e8c9bea23a4fef65600d367702586e3a.yml
path testdata/UniqueCondition_e0ca8681eb9a0177fbf3e248e468070e30577cf419691c05112856c90ae97d87.yml
path testdata/UniqueCondition_e13c46bea598b7e50822477514d40d419a66859d17e36c7375e7ba4e2006d252.yml
path testdata/UniqueCondition_e209cc8b415068fd1f96c0132e71d06a290364f56f4f5f6842ff16d89d2a048c.yml
path testdata/UniqueCondition_e230d5ff8c744146ba96d1c214c5874fee166c93be2d86b017617628b12376ce.yml
path testdata/UniqueCondition_e478178a4d035b78bce503928dc8d9a61b6123ae53aaee4308fc6d5bed5b0d8b.yml
path testdata/UniqueCondition_e62fc65bd85269bc550b7b2c1f78ad885a65254a12f150c5a8e154e664ab96e7.yml
path testdata/UniqueCondition_e85bdb113bd40db03083feb231896e6ffd5ccb1687bbe9cdd0cc59b8dae1cede.yml
path testdata/UniqueCondition_e87cfcd09b95a8decf1dbce74fcacbba5fc40deab7a8712561f714fc97dbef6a.yml
path testdata/UniqueCondition_e9806e31c36e3bfbb03673328563a6657f94f9cb6cb73ed9e1e1453f8fa7b002.yml
path testdata/UniqueCondition_ea274400e8b3412fd14db672523496414aa71556665abdf12d43a9bd1356ba1b.yml
path testdata/UniqueCondition_eaafab5a02e3d7a2f86bfc705bf2a77a9d0bdee7f59d49dde88274c229becd74.yml
path testdata/UniqueCondition_eb254bb4d0ad26ccf6d4ab8f7138e89a8375c907e9cd052872173e2ab8c64892.yml
path testdata/UniqueCondition_ec6bf4c4a15f4fadca59c5d7dd540241827e301c301f58d390611ddf9baa11b2.yml
path testdata/UniqueCondition_ec7875fe2e35e004219711fcaa7446f212325590e50517dc2d491b7747de671a.yml
path testdata/UniqueCondition_ef00c500ec34acf3f0256d7825b9248427ddb22d8943cecb485c5dc44e2adfc0.yml
path testdata/UniqueCondition_effef0dbd680fc264b7f355cb6594469bb45ed895fa7b089e4a4003a5276a85a.yml
path testdata/UniqueCondition_f055cbe2681f2c88a318049cb1a66643af5ef86810aafa03bedf6256cdb51a80.yml
path testdata/UniqueCondition_f15b8001d7c4bc7c1560704c285c2e0eba97dcada9833d944d3d9a8e5c5a03e2.yml
path testdata/UniqueCondition_f23b9154cea869409c300e3fb46a73f2cd5cac4e02c1c649da09563633409a36.yml
path testdata/UniqueCondition_f26ae0da4c4a9adc1c88dcb98119e256fa4aae8371f43c9ff66603653928bbfd.yml
path testdata/UniqueCondition_f2743442b492c73f210be13c08ddd8097ecca0651c1c19bf848c5bc34ad2246a.yml
path testdata/UniqueCondition_f28f414bcaa09bf7f81fd9c3340f28ff179b855ffb9e81db1a48886bc2e8b0d2.yml
path testdata/UniqueCondition_f2c9029c864b24316c038c692903ce3730b47c552e67541a6c2f235f14e9d612.yml
path testdata/UniqueCondition_f3066908fa4ab04f990f49b4ac429a2e409ab4fae32fe41fc742e1a60af50aea.yml
path testdata/UniqueCondition_f3764f8421c8049c6459d913c77e6a609426c46467518d996f093e0e1b82a468.yml
path testdata/UniqueCondition_f40638cbf474f49fd8d2ed4f2bbec62b81e2abf33182c3e675b2de72d2a3e28b.yml
path testdata/UniqueCondition_f4ca290b03e0c27b36ed28b2217edaf31738e338bb493c2ba0195606770a4846.yml
path testdata/UniqueCondition_f5900c7f72f47b9b90eff7b4e903144c8369f2344055f4a3cfbcfe1587e0fa7c.yml
path testdata/UniqueCondition_f5b3203f8f9b2c6a78ae7dce4e3c8574492c1b6795ba9ebdaaad8cea697d4282.yml
path testdata/UniqueCondition_f6715693ea94ab0626b817c89a9722e8baa4498d9e9c51a6e19cc113b447d84e.yml
path testdata/UniqueCondition_f81be0ea011f1645c55e937828c1d67691233e5d7ff4574325346e3f1d8831db.yml
path testdata/UniqueCondition_f942cf036adc8118897905fee4e962cd0ec95aed41b56f6223268ced9c38ce33.yml
path testdata/UniqueCondition_f94864492421b8bcf3a4bb9f928cc5cc35c8b0cc8a7631bbf26ef0ebfb04991c.yml
path testdata/UniqueCondition_f9b78b9bf0619eb1a3760cc07439bdef4b98331af0c2226fd776a867d62cff55.yml
path testdata/UniqueCondition_fb468883bc972d66da32a7dc0c8d6f0096f7af0d376bfbd8f4d0a82f6ed4108d.yml
path testdata/UniqueCondition_fd2673e598c8f4ac117f7d928d993e8e5e285d0f84ac07efe9d89a050aa28d02.yml
path testdata/UniqueCondition_fdae7d4fec8ddb71c8db9f237c7bba057327de594ce24a85b58bd990ccce1a4e.yml
path testdata/UniqueCondition_fe4c0f7c9ca1b3d63084f13442a47bcc3a597da34f325423856cabc0f0a6451a.yml
path testdata/UniqueCondition_fea1e7609f3e4e4cd31111923fa71b1fbf2f546473ad0c5cd1331a0f65c31a6a.yml
path testdata/UniqueCondition_ffb3bb4e44ae67dfc542d5853113ed5b6f7df48aa311e20ab055e4d5d2875cdb.yml
path testdata/UpstreamSigmaRule.rule.yml
path testdata/generate_upstream_condition.sh
path testdata/proc_creation_win_apt_chafer_mar18.rule.yml
path testdata/proxy_apt40.rule.yml
path testdata/sysmon.config.yml
path testdata/zeek_smb_converted_win_susp_psexec.rule.yml
PASS
ok  	github.com/bradleyjkemp/sigma-go	0.177s

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bradleyjkemp bradleyjkemp Awaiting requested review from bradleyjkemp

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@AdrielVelazquez @bradleyjkemp