gis-9099 add microsoft sentinel to one vendor flow

Author: nazargesyk

uncoder-core/app/translator/platforms/microsoft/const.py

@@ -53,7 +53,7 @@
     "group_id": "microsoft-defender",
 }
 
-MICROSOFT_QUERY_TYPES = {_SENTINEL_KQL_QUERY, _SENTINEL_KQL_RULE}
+MICROSOFT_SENTINEL_QUERY_TYPES = {_SENTINEL_KQL_QUERY, _SENTINEL_KQL_RULE}
 
 microsoft_defender_query_details = PlatformDetails(**MICROSOFT_DEFENDER_DETAILS)
 microsoft_sentinel_query_details = PlatformDetails(**MICROSOFT_SENTINEL_QUERY_DETAILS)

uncoder-core/app/translator/translator.py

@@ -8,7 +8,7 @@
 from app.translator.core.render import QueryRender
 from app.translator.managers import ParserManager, RenderManager, parser_manager, render_manager
 from app.translator.platforms.elasticsearch.const import ELASTIC_QUERY_TYPES
-from app.translator.platforms.microsoft.const import MICROSOFT_QUERY_TYPES
+from app.translator.platforms.microsoft.const import MICROSOFT_SENTINEL_QUERY_TYPES
 from app.translator.platforms.roota.parsers.roota import RootAParser
 from app.translator.platforms.sigma.mapping import sigma_rule_mappings
 from app.translator.tools.decorators import handle_translation_exceptions
@@ -36,7 +36,7 @@ def __get_render(self, target: str) -> QueryRender:
 
     @staticmethod
     def __is_one_vendor_translation(source: str, target: str) -> bool:
-        vendors_query_types = [ELASTIC_QUERY_TYPES, MICROSOFT_QUERY_TYPES]
+        vendors_query_types = [ELASTIC_QUERY_TYPES, MICROSOFT_SENTINEL_QUERY_TYPES]
         for vendor_query_types in vendors_query_types:
             if source in vendor_query_types and target in vendor_query_types:
                 return True