myoung34/main.go

## main.go
package main

import (
	"fmt"
	"github.com/myoung34/uptycs-client-go/uptycs"
	"os"
)

func main() {
	c, _ := uptycs.NewClient(uptycs.UptycsConfig{
		Host:       os.Getenv("UPTYCS_HOST"),
		ApiKey:     os.Getenv("UPTYCS_API_KEY"),
		ApiSecret:  os.Getenv("UPTYCS_API_SECRET"),
		CustomerID: os.Getenv("UPTYCS_CUSTOMER_ID"),
	})

	rule, err := c.CreateEventRule(uptycs.EventRule{
		Name:        "marc_is_awesomer",
		Description: "this is a test",
		Code:        "1651259159841CODE",
		Type:        "builder",
		Rule:        "builder",
		BuilderConfig: uptycs.BuilderConfig{
			TableName:     "process_open_sockets",
			Added:         true,
			MatchesFilter: true,
			Filters: uptycs.BuilderConfigFilter{
				And: []uptycs.BuilderConfigFilter{
					{
						Name:     "remote_address",
						Operator: "MATCHES_REGEX",
						Value:    uptycs.ArrayOrString{"^172.(1[6-9]|2[0-9]|3[01])|^10.|^192.168."},
						Not:      true,
					},
				},
			},
			Severity:   "low",
			Key:        "Test",
			ValueField: "pid",
		},
		EventTags: []string{
			"Tactic=Persistence",
			"Version=1.1",
			"Permissions Required=User",
		},
		Grouping:   "builderRules",
		GroupingL2: "Impact",
		GroupingL3: "T1560",
	})

	if err != nil {
		fmt.Println(err)
		return
	}
	fmt.Println(fmt.Sprintf("Created Rule '%s' with id %s", rule.Name, rule.ID))
}
	package main

	import (
	"fmt"
	"github.com/myoung34/uptycs-client-go/uptycs"
	"os"
	)

	func main() {
	c, _ := uptycs.NewClient(uptycs.UptycsConfig{
	Host: os.Getenv("UPTYCS_HOST"),
	ApiKey: os.Getenv("UPTYCS_API_KEY"),
	ApiSecret: os.Getenv("UPTYCS_API_SECRET"),
	CustomerID: os.Getenv("UPTYCS_CUSTOMER_ID"),
	})

	rule, err := c.CreateEventRule(uptycs.EventRule{
	Name: "marc_is_awesomer",
	Description: "this is a test",
	Code: "1651259159841CODE",
	Type: "builder",
	Rule: "builder",
	BuilderConfig: uptycs.BuilderConfig{
	TableName: "process_open_sockets",
	Added: true,
	MatchesFilter: true,
	Filters: uptycs.BuilderConfigFilter{
	And: []uptycs.BuilderConfigFilter{
	{
	Name: "remote_address",
	Operator: "MATCHES_REGEX",
	Value: uptycs.ArrayOrString{"^172.(1[6-9]\|2[0-9]\|3[01])\|^10.\|^192.168."},
	Not: true,
	},
	},
	},
	Severity: "low",
	Key: "Test",
	ValueField: "pid",
	},
	EventTags: []string{
	"Tactic=Persistence",
	"Version=1.1",
	"Permissions Required=User",
	},
	Grouping: "builderRules",
	GroupingL2: "Impact",
	GroupingL3: "T1560",
	})

	if err != nil {
	fmt.Println(err)
	return
	}
	fmt.Println(fmt.Sprintf("Created Rule '%s' with id %s", rule.Name, rule.ID))
	}