CSEC_PUBLIC/WELA
1
0
Fork 0
mirror of https://github.com/Yamato-Security/WELA.git synced 2025-12-06 17:22:50 +01:00
Code Issues Packages Projects Releases Wiki Activity

chg: Output horizontally

Browse Source
This commit is contained in:
fukusuket
2025-03-21 08:08:12 +09:00
parent 85de4172ac
commit 5dcc297d7a
1 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
WELA.ps1
View File

@@ -98,6 +98,13 @@ function CalculateUsableRate {
return $result return $result
} }
function CalculateTotalUsableRate {
param ($usableRate)
$totalUsable = ($usableRate | Measure-Object -Property UsableCount -Sum).Sum
$totalRulesCount = ($usableRate | Measure-Object -Property TotalCount -Sum).Sum
return "{0:N2}" -f ($totalUsable / $totalRulesCount * 100)
}
function ShowRulesCountsByLevel { function ShowRulesCountsByLevel {
param ($usableRate, $msg) param ($usableRate, $msg)
Write-Output $msg Write-Output $msg
@@ -198,12 +205,15 @@ $pwsModStatus = if ($pwsModEnabled) { "Enabled" } else { "Disabled" }
$pwsSrcStatus = if ($pwsScrEnabled) { "Enabled" } else { "Disabled" } $pwsSrcStatus = if ($pwsScrEnabled) { "Enabled" } else { "Disabled" }
# 123 / 1860 (6%) # 123 / 1860 (6%)
$totalUsableSecRate = CalculateTotalUsableRate -usableRate $usableSecRate
$totalUsablePwsClaRate = CalculateTotalUsableRate -usableRate $usablePwsClaRate
$totalUsablePwsModRate = CalculateTotalUsableRate -usableRate $usablePwsModRate
$totalUsablePwsScrRate = CalculateTotalUsableRate -usableRate $usablePwsScrRate
ShowRulesCountsByLevel -usableRate $usableSecRate -msg "Security event log detection rules: $totalUsableSecRate (Partially Enabled)"
ShowRulesCountsByLevel -usableRate $usableSecRate -msg "Security event log detection rules: (Partially Enabled)" ShowRulesCountsByLevel -usableRate $usablePwsClaRate -msg "PowerShell classic logging detection rules: $totalUsablePwsClaRate (Enabled)"
ShowRulesCountsByLevel -usableRate $usablePwsClaRate -msg "PowerShell classic logging detection rules: (Enabled)" ShowRulesCountsByLevel -usableRate $usablePwsModRate -msg "PowerShell module logging detection rules: $totalUsablePwsModRate ($pwsModStatus)"
ShowRulesCountsByLevel -usableRate $usablePwsModRate -msg "PowerShell module logging detection rules: ($pwsModStatus)" ShowRulesCountsByLevel -usableRate $usablePwsScrRate -msg "PowerShell script block logging detection rules: $totalUsablePwsScrRate ($pwsSrcStatus)"
ShowRulesCountsByLevel -usableRate $usablePwsScrRate -msg "PowerShell script block logging detection rules: ($pwsSrcStatus)"
Write-Output "Usable detection rules list saved to: UsableRules.csv" Write-Output "Usable detection rules list saved to: UsableRules.csv"
Write-Output "Unusable detection rules list saved to: UnusableRules.csv" Write-Output "Unusable detection rules list saved to: UnusableRules.csv"