Merge pull request #116 from UncoderIO/gis-7834

Palo Alto. Switch operator contains --> ~= when field value has slash

Author: saltar-ua

uncoder-core/app/translator/platforms/palo_alto/renders/cortex_xsiam.py

@@ -62,9 +62,11 @@ def not_equal_modifier(self, field: str, value: DEFAULT_VALUE_TYPE) -> str:
             return f"({self.or_token.join([self.not_equal_modifier(field=field, value=v) for v in value])})"
         return f'{field} != "{self.apply_value(value)}"'
 
-    def contains_modifier(self, field: str, value: DEFAULT_VALUE_TYPE) -> str:
+    def contains_modifier(self, field: str, value: Union[list, str]) -> str:
         if isinstance(value, list):
             return f"({self.or_token.join(self.contains_modifier(field=field, value=v) for v in value)})"
+        if value.endswith("\\"):
+            return f'{field} ~= ".*{self.apply_value(value, value_type=ValueType.regex_value)}.*"'
         return f'{field} contains "{self.apply_value(value)}"'
 
     def endswith_modifier(self, field: str, value: DEFAULT_VALUE_TYPE) -> str: