Add support for parent_name in definition files

[rc-csmith]

Changes

• Added support for parent_name definition file field in all product files
• Added support for filemod and modload in vmware_cb_enterprise_edr.py
• Updated spec tests to include new definition file field
• Consolidated test data into single file
• Fix bug in vmware_cb_enterprise_edr.py to properly record full query

Closes #122
Closes #131

[ChuckFrey]

I was trying to baseline a query to validate the pull request and I ran into a problem that stopped me from further testing. The following can be done in CbC'srclabtestcbthreathunter

device_name:ec2amaz\-b8bka2n AND process_cmdline:notepad.exe

w/out the sensor group specified
[2023-12-21 12:52:04,872][INFO] Executing surveyor command python /Users/chuckfrey/Documents/surveyor/surveyor.py --profile rclabtestcbthreathunter_rclabtestcbthreathunter --prefix rclabtestcbthreathunter_rclabtestcbthreathunter_cbc --output /Users/chuckfrey/Documents/github/cirt-threat-hunting/results/rclabtestcbthreathunter_rclabtestcbthreathunter_cbc_survey.csv --days 2 --hostname EC2AMAZ-B8BKA2N --query ' process_cmdline:notepad.exe' cbc --sensor-group ' '. See actual surveyor logs for more details.
Usage: surveyor.py cbc [OPTIONS]
Try 'surveyor.py cbc -h' for help.

Error: No such option: --sensor-group Did you mean --device-group?
[2023-12-21 12:52:05,998][INFO] Cleaning results files in /Users/chuckfrey/Documents/github/cirt-threat-hunting/results
[2023-12-21 12:52:06,000][ERROR] No file, /Users/chuckfrey/Documents/github/cirt-threat-hunting/results/rclabtestcbthreathunter_rclabtestcbthreathunter_cbc_survey.csv, found. Skipping to next file
[2023-12-21 12:52:06,000][WARNING] Appened dataframe appears to be empty. No files output.

w/ the sensor group specified

2023-12-21 12:58:31,790][INFO] Collecting credentials for all supported EDR sources for subdomain rclabtestcbthreathunter
[2023-12-21 12:58:52,785][INFO] Processing all supported EDR sources for subdomain rclabtestcbthreathunter
[2023-12-21 12:58:52,785][INFO] Total Profiles: 1
[2023-12-21 12:58:52,786][INFO] Executing surveyor command python /Users/chuckfrey/Documents/surveyor/surveyor.py --profile rclabtestcbthreathunter_rclabtestcbthreathunter --prefix rclabtestcbthreathunter_rclabtestcbthreathunter_cbc --output /Users/chuckfrey/Documents/github/cirt-threat-hunting/results/rclabtestcbthreathunter_rclabtestcbthreathunter_cbc_survey.csv --days 2 --hostname EC2AMAZ-B8BKA2N --query parent_cmdline:notepad.exe cbc --sensor-group MonitoredWithAVEnabled. See actual surveyor logs for more details.
Usage: surveyor.py cbc [OPTIONS]
Try 'surveyor.py cbc -h' for help.

Error: No such option: --sensor-group Did you mean --device-group?
[2023-12-21 12:58:53,889][INFO] Cleaning results files in /Users/chuckfrey/Documents/github/cirt-threat-hunting/results
[2023-12-21 12:58:53,891][ERROR] No file, /Users/chuckfrey/Documents/github/cirt-threat-hunting/results/rclabtestcbthreathunter_rclabtestcbthreathunter_cbc_survey.csv, found. Skipping to next file
[2023-12-21 12:58:53,891][WARNING] Appened dataframe appears to be empty. No files output.

new changes need additional review

[ChuckFrey]

No sure if needed anymore.