Merge pull request #25 from UncoderIO/fix-spl-rule-description

fix bug while generating description in spl-rule

Author: alexvolha

siem-converter/app/converter/platforms/splunk/renders/splunk_alert.py

@@ -55,13 +55,9 @@ def finalize_query(self, prefix: str, query: str, functions: str, meta_info: Met
         rule = rule.replace("<severity_place_holder>", severity_map.get(meta_info.severity, "1"))
         rule_description = get_rule_description_str(
             description=meta_info.description or 'Autogenerated Splunk Alert.',
-            license=meta_info.license,
-            mitre_attack=meta_info.mitre_attack
+            license=meta_info.license
         )
         rule = rule.replace("<description_place_holder>", rule_description)
-
-        description = f"{meta_info.description or 'Autogenerated Splunk Alert.'} License: {meta_info.license}."
-        rule = rule.replace("<description_place_holder>", description)
         mitre_techniques = self.__create_mitre_threat(meta_info=meta_info)
         if mitre_techniques:
             mitre_str = f"action.correlationsearch.annotations = {mitre_techniques})"