My panther_analysis_tool test
commands are running tests on detections that I don't use, and some of these tests fail noisily. Why am I seeing errors in PAT for rules that are currently disabled?
PAT's test function ignores disabled detections when you use the --skip-disabled-tests
option. For more information, run panther_analysis_tool test --help
or see our documentation here.