From 79a6fb0d16e56ba26451e90f00b20ea7d0bfb941 Mon Sep 17 00:00:00 2001
From: Siddhesh Parab <64590875+sidxparab@users.noreply.github.com>
Date: Wed, 13 Aug 2025 18:51:12 +0530
Subject: [PATCH 1/2] Updated security_rules.py
---
 server/secops/secops_mcp/tools/security_rules.py | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/server/secops/secops_mcp/tools/security_rules.py b/server/secops/secops_mcp/tools/security_rules.py
index 9020c0cc..64398fab 100644
--- a/server/secops/secops_mcp/tools/security_rules.py
+++ b/server/secops/secops_mcp/tools/security_rules.py
@@ -468,11 +468,12 @@ async def test_rule(
 chronicle = get_chronicle_client(project_id, customer_id, region)
 # Define time range for testing
- from datetime import datetime, timedelta, timezone
- end_time = datetime.now(timezone.utc)
+ current_time = datetime.now(timezone.utc)
+ # Buffer back to the start of the current hour
+ end_time = current_time.replace(minute=0, second=0, microsecond=0) # Rounds down to the start of current hour
 start_time = end_time - timedelta(hours=hours_back)
- logger.info(f'Rule test time range: {start_time} to {end_time}')
+ logger.info(f'Rule test time range: {start_time} to {end_time} (buffered to start of current hour)')
 # Test the rule
 test_results = chronicle.run_rule_test(
From a90f7c0c3cd5b7f80a9b4fe0b88984728c4f20ad Mon Sep 17 00:00:00 2001
From: Mihir Vala <179564180+mihirvala-crestdata@users.noreply.github.com>
Date: Wed, 15 Oct 2025 15:47:37 +0530
Subject: [PATCH 2/2] feat(secops_mcp): Add datetime imports
---
 server/secops/secops_mcp/tools/security_rules.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/server/secops/secops_mcp/tools/security_rules.py b/server/secops/secops_mcp/tools/security_rules.py
index 64398fab..d176d200 100644
--- a/server/secops/secops_mcp/tools/security_rules.py
+++ b/server/secops/secops_mcp/tools/security_rules.py
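Review bot: Truncating `end_time` to the top of the hour in test_rule means the test window never covers the current partial hour, so up to about an hour of the newest events is left out, and only the log line says so. Someone validating a detection against activity that has just happened would get zero matches and could read that as a rule that does not fire; the effective `start_time`/`end_time` should be stated in the tool's docstring and, if the return value allows it, in the result (both are outside this hunk, so that part is inferred). The two comments on the rounding say the same thing twice and not why; one comment such as `# End the window at the last full hour; events from the current partial hour are not tested` would replace both, with the reason for the rounding added by someone who knows it. test_rule starts and ends outside the hunk.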
@@ -14,11 +14,11 @@
 """Security Operations MCP tools for security rules."""
 import logging
+from datetime import datetime, timedelta, timezone
 from typing import Any, Dict, Optional
 from secops_mcp.server import get_chronicle_client, server
-
 # Configure logging
 logger = logging.getLogger('secops-mcp')