From fa2dcbcc772a2dd484989156982e8f35bbe38601 Mon Sep 17 00:00:00 2001
From: Fabian Affolter <mail@fabian-affolter.ch>
Date: Sun, 7 Aug 2022 19:28:05 +0200
Subject: [PATCH] python310Packages.pysigma-backend-qradar: init at 0.1.9

---
 .../pysigma-backend-qradar/default.nix        | 49 +++++++++++++++++++
 pkgs/top-level/python-packages.nix            |  2 +
 2 files changed, 51 insertions(+)
 create mode 100644 pkgs/development/python-modules/pysigma-backend-qradar/default.nix

diff --git a/pkgs/development/python-modules/pysigma-backend-qradar/default.nix b/pkgs/development/python-modules/pysigma-backend-qradar/default.nix
new file mode 100644
index 000000000000..348dd6991a5b
--- /dev/null
+++ b/pkgs/development/python-modules/pysigma-backend-qradar/default.nix
@@ -0,0 +1,49 @@
+{ lib
+, buildPythonPackage
+, fetchFromGitHub
+, poetry-core
+, pysigma
+, pysigma-pipeline-sysmon
+, pytestCheckHook
+, pythonOlder
+, requests
+}:
+
+buildPythonPackage rec {
+  pname = "pysigma-backend-qradar";
+  version = "0.1.9";
+  format = "pyproject";
+
+  disabled = pythonOlder "3.8";
+
+  src = fetchFromGitHub {
+    owner = "nNipsx-Sec";
+    repo = "pySigma-backend-qradar";
+    rev = "v${version}";
+    hash = "sha256-b3e8cVrVFZgihhEk6QlUnRZigglczHUa/XeMvMzNYLk=";
+  };
+
+  nativeBuildInputs = [
+    poetry-core
+  ];
+
+  propagatedBuildInputs = [
+    pysigma
+  ];
+
+  checkInputs = [
+    pysigma-pipeline-sysmon
+    pytestCheckHook
+  ];
+
+  pythonImportsCheck = [
+    "sigma.backends.qradar"
+  ];
+
+  meta = with lib; {
+    description = "Library to support Qradar for pySigma";
+    homepage = "https://github.com/nNipsx-Sec/pySigma-backend-qradar";
+    license = with licenses; [ lgpl21Only ];
+    maintainers = with maintainers; [ fab ];
+  };
+}
diff --git a/pkgs/top-level/python-packages.nix b/pkgs/top-level/python-packages.nix
index 76ab4a8a7470..17ebd0e5e74e 100644
--- a/pkgs/top-level/python-packages.nix
+++ b/pkgs/top-level/python-packages.nix
@@ -8200,6 +8200,8 @@ in {
 
   pysigma-backend-opensearch = callPackage ../development/python-modules/pysigma-backend-opensearch { };
 
+  pysigma-backend-qradar = callPackage ../development/python-modules/pysigma-backend-qradar { };
+
   pysigma-backend-splunk = callPackage ../development/python-modules/pysigma-backend-splunk { };
 
   pysigma-backend-insightidr = callPackage ../development/python-modules/pysigma-backend-insightidr { };