CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

adjusted alert function arg add #301

Browse Source
This commit is contained in:
DustInDark
2021-12-19 13:56:34 +09:00
parent 7e00ab00fe
commit 55c05c6d38
6 changed files with 16 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/afterfact.rs
View File

@@ -38,6 +38,7 @@ pub fn after_fact() {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("Failed to write CSV. {}", err), format!("Failed to write CSV. {}", err),
true,
) )
.ok(); .ok();
process::exit(1); process::exit(1);
@@ -56,6 +57,7 @@ pub fn after_fact() {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("Failed to open file. {}", err), format!("Failed to open file. {}", err),
true,
) )
.ok(); .ok();
process::exit(1); process::exit(1);

2
src/detections/configs.rs
View File

@@ -141,6 +141,7 @@ impl TargetEventTime {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("starttimeline field: {}", err), format!("starttimeline field: {}", err),
false
) )
.ok(); .ok();
None None
@@ -158,6 +159,7 @@ impl TargetEventTime {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("endtimeline field: {}", err), format!("endtimeline field: {}", err),
false
) )
.ok(); .ok();
None None

1
src/detections/detection.rs
View File

@@ -61,6 +61,7 @@ impl Detection {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("{}", result_readdir.unwrap_err()), format!("{}", result_readdir.unwrap_err()),
true,
) )
.ok(); .ok();
return vec![]; return vec![];

4
src/detections/print.rs
View File

@@ -380,7 +380,7 @@ mod tests {
let input = "TEST!"; let input = "TEST!";
let stdout = std::io::stdout(); let stdout = std::io::stdout();
let mut stdout = stdout.lock(); let mut stdout = stdout.lock();
AlertMessage::alert(&mut stdout, input.to_string()).expect("[ERROR] TEST!"); AlertMessage::alert(&mut stdout, input.to_string(), false).expect("[ERROR] TEST!");
} }
#[test] #[test]
@@ -388,7 +388,7 @@ mod tests {
let input = "TESTWarn!"; let input = "TESTWarn!";
let stdout = std::io::stdout(); let stdout = std::io::stdout();
let mut stdout = stdout.lock(); let mut stdout = stdout.lock();
AlertMessage::alert(&mut stdout, input.to_string()).expect("[WARN] TESTWarn!"); AlertMessage::alert(&mut stdout, input.to_string(), false).expect("[WARN] TESTWarn!");
} }
#[test] #[test]

4
src/detections/rule/count.rs
View File

@@ -59,6 +59,7 @@ pub fn create_count_key(rule: &RuleNode, record: &Value) -> String {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("field_value alias not found.value:{}", field_value), format!("field_value alias not found.value:{}", field_value),
true,
) )
.ok(); .ok();
} }
@@ -75,6 +76,7 @@ pub fn create_count_key(rule: &RuleNode, record: &Value) -> String {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("by_field_value alias not found.value:{}", by_field_value), format!("by_field_value alias not found.value:{}", by_field_value),
true,
) )
.ok(); .ok();
} }
@@ -157,6 +159,7 @@ impl TimeFrameInfo {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("Timeframe is invalid. Input value:{}", value), format!("Timeframe is invalid. Input value:{}", value),
true,
) )
.ok(); .ok();
} }
@@ -189,6 +192,7 @@ pub fn get_sec_timeframe(timeframe: &Option<TimeFrameInfo>) -> Option<i64> {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
format!("Timeframe number is invalid. timeframe.{}", err), format!("Timeframe number is invalid. timeframe.{}", err),
true,
) )
.ok(); .ok();
return Option::None; return Option::None;

8
src/main.rs
View File

@@ -71,6 +71,7 @@ impl App {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
"--filepath only accepts .evtx files.".to_owned(), "--filepath only accepts .evtx files.".to_owned(),
false,
) )
.ok(); .ok();
return; return;
@@ -82,6 +83,7 @@ impl App {
AlertMessage::alert( AlertMessage::alert(
&mut std::io::stderr().lock(), &mut std::io::stderr().lock(),
"No .evtx files were found.".to_owned(), "No .evtx files were found.".to_owned(),
false,
) )
.ok(); .ok();
return; return;
@@ -107,7 +109,7 @@ impl App {
if entries.is_err() { if entries.is_err() {
let stderr = std::io::stderr(); let stderr = std::io::stderr();
let mut stderr = stderr.lock(); let mut stderr = stderr.lock();
AlertMessage::alert(&mut stderr, format!("{}", entries.unwrap_err())).ok(); AlertMessage::alert(&mut stderr, format!("{}", entries.unwrap_err()), true).ok();
return vec![]; return vec![];
} }
@@ -139,7 +141,7 @@ impl App {
match fs::read_to_string("./contributors.txt") { match fs::read_to_string("./contributors.txt") {
Ok(contents) => println!("{}", contents), Ok(contents) => println!("{}", contents),
Err(err) => { Err(err) => {
AlertMessage::alert(&mut std::io::stderr().lock(), format!("{}", err)).ok(); AlertMessage::alert(&mut std::io::stderr().lock(), format!("{}", err), true).ok();
} }
} }
} }
@@ -207,7 +209,7 @@ impl App {
evtx_filepath, evtx_filepath,
record_result.unwrap_err() record_result.unwrap_err()
); );
AlertMessage::alert(&mut std::io::stderr().lock(), errmsg).ok(); AlertMessage::alert(&mut std::io::stderr().lock(), errmsg, true).ok();
continue; continue;
} }