From 8d234eeac9a7760f59745c6ff5a03760d128cf00 Mon Sep 17 00:00:00 2001
From: viktorbeck98 <viktor.beck98@gmail.com>
Date: Mon, 15 Dec 2025 16:00:59 +0100
Subject: [PATCH 1/2] fix json parser

---
 config/pipeline_config_default.yaml          | 12 ++++++++++++
 src/detectmatelibrary/parsers/json_parser.py |  4 +++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/config/pipeline_config_default.yaml b/config/pipeline_config_default.yaml
index a579dc6..1ce2c62 100644
--- a/config/pipeline_config_default.yaml
+++ b/config/pipeline_config_default.yaml
@@ -17,6 +17,17 @@ parsers:
             lowercase: True
             path_templates: tests/test_folder/audit_templates.txt
 
+    JsonMatcherParser:
+        method_type: matcher_parser
+        auto_config: False
+        log_format: "<Content>"
+        time_format: null
+        params:
+            remove_spaces: True
+            remove_punctuation: True
+            lowercase: True
+            path_templates: local/miranda_templates.txt
+
     JsonParser:
         method_type: json_parser
         time_format: null
@@ -24,6 +35,7 @@ parsers:
         params:
             timestamp_name: "time"
             content_name: "message"
+            content_parser: JsonMatcherParser
 
 detectors:
     RandomDetector:
diff --git a/src/detectmatelibrary/parsers/json_parser.py b/src/detectmatelibrary/parsers/json_parser.py
index 64b9aa8..713b8f2 100644
--- a/src/detectmatelibrary/parsers/json_parser.py
+++ b/src/detectmatelibrary/parsers/json_parser.py
@@ -47,6 +47,7 @@ class JsonParserConfig(CoreParserConfig):
     method_type: str = "json_parser"
     timestamp_name: str = "time"
     content_name: str = "message"
+    content_parser: str = "JsonMatcherParser"
 
 
 class JsonParser(CoreParser):
@@ -57,7 +58,8 @@ def __init__(
     ) -> None:
 
         if isinstance(config, dict):
-            content_parser_config = MatcherParserConfig.from_dict(config, "MatcherParser")
+            content_parser_name = config.get("content_parser", "JsonMatcherParser")
+            content_parser_config = MatcherParserConfig.from_dict(config, content_parser_name)
             self.content_parser = MatcherParser(config=content_parser_config)
             config = JsonParserConfig.from_dict(config, name)
         super().__init__(name=name, config=config)

From 3d51fd13fce8b46619da086a526f07e4b2dabf85 Mon Sep 17 00:00:00 2001
From: viktorbeck98 <viktor.beck98@gmail.com>
Date: Mon, 15 Dec 2025 16:02:32 +0100
Subject: [PATCH 2/2] fix tests

---
 tests/test_parsers/test_json_parser.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/test_parsers/test_json_parser.py b/tests/test_parsers/test_json_parser.py
index 34d486c..74b22b3 100644
--- a/tests/test_parsers/test_json_parser.py
+++ b/tests/test_parsers/test_json_parser.py
@@ -135,7 +135,7 @@ def test_parse_with_content_parser(self):
                     "timestamp_name": "time",
                     "content_name": "message",
                 },
-                "MatcherParser": {
+                "JsonMatcherParser": {
                     "auto_config": True,
                     "method_type": "matcher_parser",
                     "path_templates": "tests/test_folder/test_templates.txt"