changed import from hashbrown::HashMap to std::collections::HashMap due

to be merged hashbrown in std HashMap

src/detections/configs.rs

@@ -4,8 +4,7 @@ use crate::detections::pivot::PIVOT_KEYWORD;
 use crate::detections::utils;
 use chrono::{DateTime, Utc};
 use clap::{App, CommandFactory, Parser};
-use hashbrown::HashMap;
-use hashbrown::HashSet;
+use std::collections::{HashSet, HashMap};
 use lazy_static::lazy_static;
 use regex::Regex;
 use std::env::current_exe;
@@ -102,10 +101,6 @@ pub struct Config {
     #[clap(long = "all-tags")]
     pub all_tags: bool,
 
-    /// Do not display EventRecordID numbers
-    #[clap(short = 'R', long = "hide-record-id")]
-    pub hide_record_id: bool,
-
     /// Output verbose information
     #[clap(short = 'v', long)]
     pub verbose: bool,
@@ -577,7 +572,7 @@ fn load_eventcode_info(path: &str) -> EventInfoConfig {
 mod tests {
     use crate::detections::configs;
     use chrono::{DateTime, Utc};
-    use hashbrown::HashSet;
+    use std::collections::HashSet;
 
     //     #[test]
     //     #[ignore]

src/detections/detection.rs

@@ -2,9 +2,7 @@ extern crate csv;
 
 use crate::detections::configs;
 use crate::detections::utils::write_color_buffer;
-use crate::options::profile;
 use crate::options::profile::PROFILES;
-use linked_hash_map::LinkedHashMap;
 use termcolor::{BufferWriter, Color, ColorChoice};
 
 use crate::detections::message::AlertMessage;
@@ -21,9 +19,8 @@ use crate::detections::rule::RuleNode;
 use crate::detections::utils::{get_serde_number_to_string, make_ascii_titlecase};
 use crate::filter;
 use crate::yaml::ParseYaml;
-use hashbrown;
-use hashbrown::HashMap;
 use serde_json::Value;
+use std::collections::HashMap;
 use std::fmt::Write;
 use std::path::Path;
 
@@ -39,7 +36,7 @@ pub struct EvtxRecordInfo {
     pub evtx_filepath: String, // イベントファイルのファイルパス　ログで出力するときに使う
     pub record: Value,         // 1レコード分のデータをJSON形式にシリアライズしたもの
     pub data_string: String,
-    pub key_2_value: hashbrown::HashMap<String, String>,
+    pub key_2_value: HashMap<String, String>,
     pub record_information: Option<String>,
 }
 

src/detections/pivot.rs

@@ -1,5 +1,4 @@
-use hashbrown::HashMap;
-use hashbrown::HashSet;
+use std::collections::{HashMap, HashSet};
 use lazy_static::lazy_static;
 use serde_json::Value;
 use std::sync::RwLock;

src/detections/rule/count.rs

@@ -499,7 +499,7 @@ mod tests {
     use crate::detections::rule::create_rule;
     use crate::detections::rule::AggResult;
     use crate::detections::utils;
-    use hashbrown::HashMap;
+    use std::collections::HashMap;
 
     use chrono::{TimeZone, Utc};
     use yaml_rust::YamlLoader;

src/detections/utils.rs

@@ -4,6 +4,7 @@ extern crate regex;
 
 use crate::detections::configs;
 use crate::detections::configs::CURRENT_EXE_PATH;
+use std::collections::HashMap;
 use std::path::Path;
 use std::path::PathBuf;
 
@@ -219,8 +220,8 @@ pub fn create_rec_info(data: Value, path: String, keys: &[String]) -> EvtxRecord
     // この処理を高速化するため、rec.key_2_valueというhashmapに"Event.System.EventID"というキーで値を設定しておく。
     // これなら、"Event.System.EventID"というキーを1回指定するだけで値を取得できるようになるので、高速化されるはず。
     // あと、serde_jsonのValueからvalue["Event"]みたいな感じで値を取得する処理がなんか遅いので、そういう意味でも早くなるかも
-    // それと、serde_jsonでは内部的に標準ライブラリのhashmapを使用しているが、hashbrownを使った方が早くなるらしい。
-    let mut key_2_values = hashbrown::HashMap::new();
+    // それと、serde_jsonでは内部的に標準ライブラリのhashmapを使用しているが、hashbrownを使った方が早くなるらしい。標準ライブラリがhashbrownを採用したためserde_jsonについても高速化した。
+    let mut key_2_values = HashMap::new();
     for key in keys {
         let val = get_event_value(key, &data);
         if val.is_none() {

src/filter.rs

@@ -2,7 +2,7 @@ use crate::detections::configs;
 use crate::detections::message::AlertMessage;
 use crate::detections::message::ERROR_LOG_STACK;
 use crate::detections::message::QUIET_ERRORS_FLAG;
-use hashbrown::HashMap;
+use std::collections::HashMap;
 use regex::Regex;
 use std::fs::File;
 use std::io::{BufRead, BufReader};

src/options/update_rules.rs

@@ -7,7 +7,7 @@ use git2::Repository;
 use std::fs::{self};
 use std::path::Path;
 
-use hashbrown::{HashMap, HashSet};
+use std::collections::{HashMap, HashSet};
 use std::cmp::Ordering;
 
 use std::time::SystemTime;

src/timeline/statistics.rs

@@ -1,6 +1,6 @@
 use crate::detections::message::{LOGONSUMMARY_FLAG, STATISTICS_FLAG};
 use crate::detections::{detection::EvtxRecordInfo, utils};
-use hashbrown::HashMap;
+use std::collections::HashMap;
 
 #[derive(Debug)]
 pub struct EventStatistics {
@@ -111,7 +111,7 @@ impl EventStatistics {
                 continue;
             }
             let username = utils::get_event_value("TargetUserName", &record.record);
-            let idnum = evtid.unwrap();
+            let idnum = evtid.unwrap().as_i64().unwrap();
             let countlist: [usize; 2] = [0, 0];
             if idnum == 4624 {
                 let count: &mut [usize; 2] = self

src/timeline/timelines.rs

@@ -3,7 +3,7 @@ use crate::detections::{configs::CONFIG, detection::EvtxRecordInfo};
 use prettytable::{Cell, Row, Table};
 
 use super::statistics::EventStatistics;
-use hashbrown::HashMap;
+use std::collections::HashMap;
 
 #[derive(Debug)]
 pub struct Timeline {

src/yaml.rs

@@ -6,7 +6,7 @@ use crate::detections::configs::EXCLUDE_STATUS;
 use crate::detections::message::AlertMessage;
 use crate::detections::message::{ERROR_LOG_STACK, QUIET_ERRORS_FLAG};
 use crate::filter::RuleExclude;
-use hashbrown::HashMap;
+use std::collections::HashMap;
 use std::ffi::OsStr;
 use std::fs;
 use std::io;
@@ -321,7 +321,7 @@ mod tests {
     use crate::filter;
     use crate::yaml;
     use crate::yaml::RuleExclude;
-    use hashbrown::HashMap;
+    use std::collections::HashMap;
     use std::path::Path;
     use yaml_rust::YamlLoader;