Minor Bug Fixes

eric-forte-elastic · eric-forte-elastic · commit f1e5e689ae72 · 2025-05-28T14:45:54.000-04:00
diff --git a/Makefile b/Makefile
@@ -2,6 +2,7 @@
 ### detection-rules
 #################
 
+APP_NAME := detection-rules
 VENV := ./env/detection-rules-build
 VENV_BIN := $(VENV)/bin
 PYTHON := $(VENV_BIN)/python
@@ -26,7 +27,7 @@ deps: $(VENV)
 	$(PIP) install lib/kql
 
 .PHONY: hunting-deps
-deps: $(VENV)
+hunting-deps: $(VENV)
 	@echo "Installing all dependencies..."
 	$(PIP) install .[hunting]
 
@@ -58,13 +59,13 @@ test-remote-cli: $(VENV) deps
 	@./detection_rules/etc/test_remote_cli.bash
 
 .PHONY: test-hunting-cli
-test-remote-cli: $(VENV) hunting-deps
+test-hunting-cli: $(VENV) hunting-deps
 	@echo "Executing test_hunting_cli script..."
 	@./detection_rules/etc/test_hunting_cli.bash
 
 .PHONY: release
 release: deps
-	@echo "RELEASE: $(app_name)"
+	@echo "RELEASE: $(APP_NAME)"
 	$(PYTHON) -m detection_rules dev build-release --generate-navigator
 	rm -rf dist
 	mkdir dist
diff --git a/detection_rules/etc/test_hunting_cli.bash b/detection_rules/etc/test_hunting_cli.bash
@@ -15,11 +15,11 @@ echo "Refreshing index"
 python -m hunting refresh-index
 
 echo "Generating Markdown: initial_access_higher_than_average_failed_authentication.toml"
-python -m hunting generate-markdown /Users/tdejesus/code/src/detection-rules/hunting/okta/queries/initial_access_higher_than_average_failed_authentication.toml
+python -m hunting generate-markdown hunting/okta/queries/initial_access_higher_than_average_failed_authentication.toml
 
 echo "Running Query: low_volume_external_network_connections_from_process.toml"
 echo "Requires .detection-rules-cfg.json credentials file set."
-python -m hunting run-query --file-path /Users/tdejesus/code/src/detection-rules/hunting/linux/queries/low_volume_external_network_connections_from_process.toml --all
+python -m hunting run-query --file-path hunting/linux/queries/low_volume_external_network_connections_from_process.toml --all
 
 echo "Viewing Hunt: 12526f14-5e35-4f5f-884c-96c6a353a544"
 python -m hunting view-hunt --uuid 12526f14-5e35-4f5f-884c-96c6a353a544 --format json
diff --git a/hunting/markdown.py b/hunting/markdown.py
@@ -93,7 +93,7 @@ def update_or_add_entry(self, hunt_config: Hunt, toml_path: Path) -> None:
 
         entry = {
             'name': hunt_config.name,
-            'path': f"./{toml_path.relative_to(self.base_path).as_posix()}",
+            'path': f"./{toml_path.resolve().relative_to(self.base_path).as_posix()}",
             'mitre': hunt_config.mitre
         }
 

Original file line number	Diff line number	Diff line change
`@@ -93,7 +93,7 @@ def update_or_add_entry(self, hunt_config: Hunt, toml_path: Path) -> None:`
`93`	`93`
`94`	`94`	`entry = {`
`95`	`95`	`'name': hunt_config.name,`
`96`		`- 'path': f"./{toml_path.relative_to(self.base_path).as_posix()}",`
	`96`	`+ 'path': f"./{toml_path.resolve().relative_to(self.base_path).as_posix()}",`
`97`	`97`	`'mitre': hunt_config.mitre`
`98`	`98`	`}`
`99`	`99`