remove unneccesary pub
@@ -38,7 +38,12 @@ impl Detection {
|
|||||||
&common.detection(&event.system, &event_data);
|
&common.detection(&event.system, &event_data);
|
||||||
//&common.detection(&event.system, &event_data);
|
//&common.detection(&event.system, &event_data);
|
||||||
if channel == "Security" {
|
if channel == "Security" {
|
||||||
&security.detection(event_id, &event.system, &event.user_data, event_data);
|
&security.detection(
|
||||||
|
event_id,
|
||||||
|
&event.system,
|
||||||
|
&event.user_data.as_ref(),
|
||||||
|
event_data,
|
||||||
|
);
|
||||||
} else if channel == "System" {
|
} else if channel == "System" {
|
||||||
&system.detection(event_id, &event.system, event_data);
|
&system.detection(event_id, &event.system, event_data);
|
||||||
} else if channel == "Application" {
|
} else if channel == "Application" {
|
||||||
|
|||||||
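Review bot: The `common.detection` call on the new side is commented out instead of removed; commented-out code drifts from the live API and hides intent, so delete the line (history keeps it) or leave a one-line comment saying why the common detections are disabled. The new argument `&event.user_data.as_ref()` builds a `&Option<&UserData>`: `as_ref()` already yields an `Option<&event::UserData>`, which is `Copy`, so it can be passed by value as `event.user_data.as_ref()` once `Security::detection` takes `Option<&event::UserData>`. The leading `&` on the `&security.detection(...)` and `&system.detection(...)` statements borrows a unit result and does nothing useful; drop it. The enclosing method starts and ends outside this hunk.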
@@ -66,7 +66,7 @@ impl Security {
|
|||||||
&mut self,
|
&mut self,
|
||||||
event_id: String,
|
event_id: String,
|
||||||
_system: &event::System,
|
_system: &event::System,
|
||||||
user_data: &Option<event::UserData>,
|
user_data: &Option<&event::UserData>,
|
||||||
event_data: HashMap<String, String>,
|
event_data: HashMap<String, String>,
|
||||||
) {
|
) {
|
||||||
self.process_craeted(&event_id, &event_data);
|
self.process_craeted(&event_id, &event_data);
|
||||||
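Review bot: `user_data: &Option<&event::UserData>` in the new signature is a reference to an `Option<&T>`, which is already a cheap `Copy` borrow; the idiomatic parameter is `user_data: Option<&event::UserData>`, with callers passing `event.user_data.as_ref()` directly. The same shape appears in `audit_log_cleared` in the later hunk of this file. While this signature is being touched, `event_id: String` forces every caller to hand over an owned string; `&str` would be enough if the id is only compared and forwarded, though the body continues outside the hunk so I cannot confirm that here.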
@@ -287,22 +287,16 @@ impl Security {
|
|||||||
self.passspray_2_user = HashMap::new();
|
self.passspray_2_user = HashMap::new();
|
||||||
}
|
}
|
||||||
|
|
||||||
fn audit_log_cleared(
|
fn audit_log_cleared(&mut self, event_id: &String, user_data: &Option<&event::UserData>) {
|
||||||
&mut self,
|
|
||||||
event_id: &String,
|
|
||||||
user_data: &Option<event::UserData>
|
|
||||||
) {
|
|
||||||
if event_id != "1102" {
|
if event_id != "1102" {
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
println!("Audit Log Clear");
|
println!("Audit Log Clear");
|
||||||
println!("The Audit log was cleared.");
|
println!("The Audit log was cleared.");
|
||||||
let username = user_data.as_ref().and_then(|u| {
|
user_data.and_then(|u| u.log_file_cleared.as_ref());
|
||||||
u.log_file_cleared
|
|
||||||
.as_ref()
|
let username = user_data.and_then(|u| u.log_file_cleared.and_then(|l| l.subject_user_name));
|
||||||
.and_then(|l| l.subject_user_name.as_ref())
|
println!("Security ID: {}", username.unwrap_or("".to_string()));
|
||||||
});
|
|
||||||
println!("Security ID: {}", username.unwrap_or(&"".to_string()));
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
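Review bot: The new statement `user_data.and_then(|u| u.log_file_cleared.as_ref());` discards its `Option` result and has no effect — it looks like a leftover from the refactor and will draw an unused-result warning, so delete it. The line below it calls `u.log_file_cleared.and_then(...)` by value through the `&event::UserData` borrow and then moves `l.subject_user_name` out of `l`; unless those types are `Copy` (unlikely, since the removed code treated `subject_user_name` as holding a `String`) this is a move out of borrowed content and will not compile. Borrow instead: `let username = user_data.and_then(|u| u.log_file_cleared.as_ref()).and_then(|l| l.subject_user_name.as_deref());` followed by `println!("Security ID: {}", username.unwrap_or(""));`, which also avoids the eager `"".to_string()` allocation inside `unwrap_or`. For a detection of event 1102, printing an empty Security ID when the subject is absent hides that the actor is unknown; a visible marker such as `unwrap_or("<unknown>")` makes the gap obvious in the output.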
@@ -39,7 +39,7 @@ pub struct System {
|
|||||||
#[serde(rename = "EventID")]
|
#[serde(rename = "EventID")]
|
||||||
pub event_id: String,
|
pub event_id: String,
|
||||||
#[serde(rename = "Version")]
|
#[serde(rename = "Version")]
|
||||||
pub version: Option<String>,
|
version: Option<String>,
|
||||||
#[serde(rename = "Level")]
|
#[serde(rename = "Level")]
|
||||||
level: String,
|
level: String,
|
||||||
#[serde(rename = "Task")]
|
#[serde(rename = "Task")]
|
||||||
|
|||||||