From a3bd7c512c004f6aec79b6779d0ddee6fac6c275 Mon Sep 17 00:00:00 2001
From: fukusuket <41001169+fukusuket@users.noreply.github.com>
Date: Sun, 16 Mar 2025 19:11:55 +0900
Subject: [PATCH] update

---
 WELA.ps1 | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/WELA.ps1 b/WELA.ps1
index 8b0aa580..ac512473 100644
--- a/WELA.ps1
+++ b/WELA.ps1
@@ -89,6 +89,12 @@ function ShowRulesCountsByLevel {
         "low" = "Green"
         "informational" = "White"  # Assuming a default color for informational
     }
+
+    if ($null -eq $usableRate) {
+        Write-Output "No usable rules found."
+        return
+    }
+
     $usableRate | Sort-Object { $levelColorMap.Keys.IndexOf($_.Level) } | ForEach-Object {
         $color = $levelColorMap[$_.Level]
         Write-Host "$($_.Level) rules: $($_.UsableCount) / $($_.TotalCount) ($($_.Percentage)%)" -ForegroundColor $color
@@ -167,7 +173,7 @@ $usablePwsScrRate = CalculateUsableRate -counts $usablePwsScrCounts -totalCounts
 # Step 6: Show the number of usable and unusable rules for each level
 ShowRulesCountsByLevel -usableRate $usableSecRate -msg "Security event log detection rules:"
 ShowRulesCountsByLevel -usableRate $usablePwsClaRate -msg "PowerShell classic logging detection rules:"
-#ShowRulesCountsByLevel -usableRate $usablePwsModRate -msg "PowerShell module logging detection rules:"
+ShowRulesCountsByLevel -usableRate $usablePwsModRate -msg "PowerShell module logging detection rules:"
 ShowRulesCountsByLevel -usableRate $usablePwsScrRate -msg "PowerShell script block logging detection rules:"
 
 Write-Output "Usable detection rules list saved to: UsableRules.csv"