add rule parser actions

2025-12-13 12:42:59 +01:00 · 2025-03-09 20:30:42 +09:00
parent 8ba23ec6eb
commit d2e7b1d439
1 changed files with 4 additions and 4 deletions
--- a/wela-extractor/src/main.rs
+++ b/wela-extractor/src/main.rs
@@ -61,10 +61,10 @@ fn parse_yaml(doc: Yaml, eid_subcategory_pair: &Vec<(String, String)>) -> Option
    if let Some(logsource) = doc["logsource"].as_hash() {
        if let Some(service) = logsource.get(&Yaml::from_str("service")) {
            if service.as_str() == Some("security") {
-                let uuid = doc["id"].as_str().unwrap_or("No UUID");
-                let title = doc["title"].as_str().unwrap_or("No title");
-                let desc = doc["description"].as_str().unwrap_or("No description");
-                let level = doc["level"].as_str().unwrap_or("No level");
+                let uuid = doc["id"].as_str().unwrap_or("");
+                let title = doc["title"].as_str().unwrap_or("");
+                let desc = doc["description"].as_str().unwrap_or("");
+                let level = doc["level"].as_str().unwrap_or("");
                let mut event_ids = Vec::new();
                extract_event_ids(&doc, &mut event_ids);
                let mut subcategories = Vec::new();