total_replay_tool

t-contreras · t-contreras · commit aa698245f2b8 · 2025-11-25T10:49:15.000+01:00
diff --git a/README.md b/README.md
@@ -126,6 +126,11 @@ See a quick demo 📺 of the process to dump a dataset [here](https://www.youtub
 
 To contribute a dataset simply create a PR on this repository, for general instructions on creating a PR [see this guide](https://gist.github.com/Chaser324/ce0505fbed06b947d962).
 
+# TOTAL-REPLAY
+A lightweight tool helps you make the most of Splunk’s [Security Content](https://github.com/splunk/security_content) metadata, such as detection names, analytic stories, and more, by replaying relevant test event logs or attack data from either the [Splunk Attack Data](https://github.com/splunk/attack_data) or [Splunk Attack Range](https://github.com/splunk/attack_range) projects.
+
+for more information of this tool, please refer to [TOTAL-REPLAY Guide](total_replay/readme.md)
+
 # Automatically generated Datasets ⚙️
 
 This project takes advantage of automation to generate datasets using the attack_range. You can see details about this service on this [sub-project folder attack_data_service](https://github.com/splunk/attack_data/tree/master/attack_data_service).
diff --git a/total_replay/configuration/config.yml b/total_replay/configuration/config.yml
@@ -9,4 +9,4 @@ settings:
   python_interpreter_name: python3
   attack_range_version_on: False
   attack_data_version_on: True
-  debug_print: True
+  debug_print: False
diff --git a/total_replay/readme.md b/total_replay/readme.md
@@ -28,12 +28,17 @@ settings:
   attack_range_dir_path: ~/path/to/your/attack_range
 ```
 
-4. enable the `attack_range_version_on` config setting in total_replay->configuration->config.yml:
+4. Enable the `attack_range_version_on` config setting in total_replay->configuration->config.yml:
    **NOTE: You can enable  either `attack_range_version_on` or `attack_data_version_on` settings**
 ```
 attack_range_version_on: True
 ```
 
+5. If you encounter problem with colorama python library just update it.
+```  
+poetry update colorama
+```
+
 #### TOTAL-REPLAY IN SPLUNK ATTACK-DATA REPO:
 ---
 
@@ -54,7 +59,9 @@ cd /path/to/your/total-replay-project
 poetry shell
 ```
 6. Install project dependencies
-
+```
+poetry install
+```
 7. In total_replay->configuration->config.yml, add the folder path of the Splunk Attack Data repo and the detection folder path in Splunk Security Content.
 
 ```
