Adjusting notify_mozdefbot to true, and alert Classname.

alerts/write_audit.py

@@ -11,7 +11,7 @@ from lib.alerttask import AlertTask
 from query_models import SearchQuery, TermMatch, QueryStringMatch, PhraseMatch
 
 
-class WriteAudit(AlertTask):
+class AlertWriteAudit(AlertTask):
     def main(self):
         self.parse_config('write_audit.conf', ['skipprocess'])
         search_query = SearchQuery(minutes=5)

tests/alerts/test_write_audit.py

@@ -34,7 +34,7 @@ class TestWriteAudit(AlertTestSuite):
         "severity": "WARNING",
         "summary": "5 Filesystem write(s) to an auditd path by randomjoe on exhostname (5 hits)",
         "tags": ['audit'],
-        "notify_mozdefbot": False,
+        "notify_mozdefbot": True,
     }
 
     test_cases = []