update

Patrick Bareiss · Patrick Bareiss · commit ccc10f8d7a6a · 2025-08-11T12:20:06.000+02:00
diff --git a/bin/dataset_analyzer.py b/bin/dataset_analyzer.py
@@ -34,6 +34,7 @@
 import re
 import logging
 import argparse
+import uuid
 from pathlib import Path
 from typing import Dict, List, Tuple, Optional, Callable, Any
 from dataclasses import dataclass, field
@@ -407,6 +408,12 @@ def _initialize_rules(self) -> List[CategoryRule]:
                 source="suricata",
                 description="Suricata logs"
             ),
+            CategoryRule(
+                pattern=r".*zeek_conn.*",
+                sourcetype="bro:conn:json",
+                source="bro",
+                description="Zeek conn logs"
+            ),
             CategoryRule(
                 pattern=r".*exchange.*",
                 sourcetype="MSExchange:Management",
@@ -644,8 +651,7 @@ def analyze_technique_directory(self, technique_path: Path) -> Optional[Dict]:
         # Generate YAML structure
         yaml_data = {
             'author': 'Generated by dataset_analyzer.py',
-            'id': (f'generated-{mitre_technique.lower()}-'
-                   f'{datetime.now().strftime("%Y%m%d")}'),
+            'id': str(uuid.uuid4()),
             'date': datetime.now().strftime('%Y-%m-%d'),
             'description': (f'Automatically categorized datasets for technique '
                             f'{mitre_technique}'),
@@ -789,8 +795,7 @@ def _analyze_data_directory(self, data_dir: Path) -> Optional[Dict]:
         
         yaml_data = {
             'author': 'Generated by dataset_analyzer.py',
-            'id': (f'generated-{data_dir.name.lower()}-'
-                   f'{datetime.now().strftime("%Y%m%d")}'),
+            'id': str(uuid.uuid4()),
             'date': datetime.now().strftime('%Y-%m-%d'),
             'description': (f'Automatically categorized datasets in directory '
                             f'{directory_str}'),
@@ -844,8 +849,7 @@ def analyze_generic_directory(self, directory_path: Path) -> Optional[Dict]:
         
         yaml_data = {
             'author': 'Generated by dataset_analyzer.py',
-            'id': (f'generated-{directory_path.name.lower()}-'
-                   f'{datetime.now().strftime("%Y%m%d")}'),
+            'id': str(uuid.uuid4()),
             'date': datetime.now().strftime('%Y-%m-%d'),
             'description': (f'Automatically categorized datasets in directory '
                             f'{directory_path.name}'),
