System info attack technique's identical results grouped

2019-07-10 09:11:13 +03:00 · 2019-07-10 09:11:13 +03:00 · 09e1abb3cb
parent e1baacd0f0
commit 09e1abb3cb
1 changed files with 3 additions and 1 deletions
--- a/monkey/monkey_island/cc/services/attack/technique_reports/T1082.py
+++ b/monkey/monkey_island/cc/services/attack/technique_reports/T1082.py
@ -32,7 +32,9 @@ class T1082(AttackTechnique):
                              'name': {'$literal': 'SSH info'}},
                             {'used': {'$and': [{'$ifNull': ['$azure_info', False]}, {'$ne': ['$azure_info', []]}]},
                              'name': {'$literal': 'Azure info'}}
-                             ]}}]
+                             ]}},
+             {'$group': {'_id': {'machine': '$machine', 'collections': '$collections'}}},
+             {"$replaceRoot": {"newRoot": "$_id"}}]

    @staticmethod
    def get_report_data():