From 7bb35392d064583b848daafd4d103497561db027 Mon Sep 17 00:00:00 2001 From: patel-bhavin Date: Tue, 7 Feb 2023 13:52:09 -0800 Subject: [PATCH] fixup --- ...s_txt_records_using_pretrained_model_in_dsdl.yml | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/detections/experimental/network/detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.yml b/detections/experimental/network/detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.yml index 2ecfe5c278..90a5cfac0d 100644 --- a/detections/experimental/network/detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.yml +++ b/detections/experimental/network/detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.yml @@ -41,19 +41,15 @@ how_to_implement: 'Steps to deploy detect suspicious DNS TXT records model into deep learning model that needs to be deployed in DSDL app. Follow the steps for deployment here - `https://github.com/splunk/security_content/wiki/How-to-deploy-pre-trained-Deep-Learning-models-for-ESCU`.\ - * Download the `artifacts .tar.gz` file from the link - `https://seal.splunkresearch.com/detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.tar.gz`. + * Download the `artifacts .tar.gz` file from the link - `https://seal.splunkresearch.com/detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.tar.gz`.\ - * Download the `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.ipynb` - Jupyter notebook from `https://github.com/splunk/security_content/notebooks`.\ + * Download the `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.ipynb` Jupyter notebook from `https://github.com/splunk/security_content/notebooks`.\ - * Login to the Jupyter Lab assigned for - `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl` container. - This container should be listed on Containers page for DSDL app.\ + * Login to the Jupyter Lab assigned for `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl` container. This container should be listed on Containers page for DSDL app.\ * Below steps need to be followed inside Jupyter lab.\ - * Upload the `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.tar.gz` file - into `app/model/data` path using the upload option in the jupyter notebook.\ + * Upload the `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.tar.gz` file into `app/model/data` path using the upload option in the jupyter notebook.\ * Untar the artifact `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.tar.gz` using `tar -xf app/model/data/detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.tar.gz -C app/model/data`.\ @@ -62,6 +58,7 @@ how_to_implement: 'Steps to deploy detect suspicious DNS TXT records model into * Save the notebook using the save option in Jupyter notebook.\ * Upload `detect_suspicious_dns_txt_records_using_pretrained_model_in_dsdl.json` into `notebooks/data` folder.' + known_false_positives: False positives may be present if DNS TXT record contents are similar to benign DNS TXT record contents. references: