cargo fmt
@@ -1,7 +1,7 @@
|
||||
use crate::detections::print::AlertMessage;
|
||||
use crate::detections::utils;
|
||||
use chrono::{DateTime, Utc};
|
||||
use clap::{App, Arg, AppSettings, ArgMatches};
|
||||
use clap::{App, AppSettings, Arg, ArgMatches};
|
||||
use hashbrown::HashMap;
|
||||
use hashbrown::HashSet;
|
||||
use lazy_static::lazy_static;
|
||||
@@ -92,9 +92,10 @@ fn build_app<'a>() -> ArgMatches<'a> {
|
||||
.version("1.1.0")
|
||||
.author("Yamato Security (https://github.com/Yamato-Security/hayabusa)")
|
||||
.setting(AppSettings::VersionlessSubcommands)
|
||||
.arg( // TODO: When update claps to 3.x, these can write in usage texts...
|
||||
.arg(
|
||||
// TODO: When update claps to 3.x, these can write in usage texts...
|
||||
Arg::from_usage("--level-tuning=[RULE_LEVEL_FILE] 'Fix rule file's level'")
|
||||
.default_value("./config/rule_level.txt")
|
||||
.default_value("./config/rule_level.txt"),
|
||||
)
|
||||
.usage(usages)
|
||||
.args_from_usage(usages)
|
||||
|
||||
46
src/main.rs
46
src/main.rs
@@ -18,8 +18,7 @@ use hayabusa::filter;
|
||||
use hayabusa::omikuji::Omikuji;
|
||||
use hayabusa::yaml::ParseYaml;
|
||||
use hayabusa::{afterfact::after_fact, detections::utils};
|
||||
use hayabusa::{detections::configs, timeline::timeline::Timeline};
|
||||
use hayabusa::yaml::ParseYaml;
|
||||
use hayabusa::{detections::configs, timeline::timelines::Timeline};
|
||||
use hhmmss::Hhmmss;
|
||||
use pbr::ProgressBar;
|
||||
use serde_json::Value;
|
||||
@@ -109,9 +108,15 @@ impl App {
|
||||
if configs::CONFIG
|
||||
.read()
|
||||
.unwrap()
|
||||
.args.is_present("level-tuning")
|
||||
.args
|
||||
.is_present("level-tuning")
|
||||
{
|
||||
if let Some(level_tuning_path) = configs::CONFIG.read().unwrap().args.value_of("level-tuning") {
|
||||
if let Some(level_tuning_path) = configs::CONFIG
|
||||
.read()
|
||||
.unwrap()
|
||||
.args
|
||||
.value_of("level-tuning")
|
||||
{
|
||||
if Path::new(level_tuning_path).exists() {
|
||||
let read_result = utils::read_csv(level_tuning_path);
|
||||
if read_result.is_err() {
|
||||
@@ -135,34 +140,37 @@ impl App {
|
||||
tuning_map.insert(id.to_string(), level.to_string());
|
||||
});
|
||||
let mut rulefile_loader = ParseYaml::new();
|
||||
let result_readdir =
|
||||
rulefile_loader.read_dir(
|
||||
configs::CONFIG.read().unwrap().args.value_of("rules").unwrap_or(&"rules"),
|
||||
&"informational",
|
||||
&filter::exclude_ids(),
|
||||
);
|
||||
let result_readdir = rulefile_loader.read_dir(
|
||||
configs::CONFIG
|
||||
.read()
|
||||
.unwrap()
|
||||
.args
|
||||
.value_of("rules")
|
||||
.unwrap_or(&"rules"),
|
||||
&"informational",
|
||||
&filter::exclude_ids(),
|
||||
);
|
||||
if result_readdir.is_err() {
|
||||
let errmsg = format!("{}", result_readdir.unwrap_err());
|
||||
AlertMessage::warn(
|
||||
&mut BufWriter::new(std::io::stderr().lock()),
|
||||
&errmsg,
|
||||
)
|
||||
.ok();
|
||||
AlertMessage::warn(&mut BufWriter::new(std::io::stderr().lock()), &errmsg)
|
||||
.ok();
|
||||
return;
|
||||
}
|
||||
for (path, rule) in rulefile_loader.files {
|
||||
if let Some(new_level) = tuning_map.get(rule["id"].as_str().unwrap()) {
|
||||
println!("{}", rule["id"].as_str().unwrap());
|
||||
println!("path: {}", path);
|
||||
println!("level: {} -> {}", rule["level"].as_str().unwrap(), new_level);
|
||||
println!(
|
||||
"level: {} -> {}",
|
||||
rule["level"].as_str().unwrap(),
|
||||
new_level
|
||||
);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
AlertMessage::alert(
|
||||
&mut BufWriter::new(std::io::stderr().lock()),
|
||||
&format!(
|
||||
"Need rule_levels.txt file to use --level-tuning option"
|
||||
),
|
||||
&format!("Need rule_levels.txt file to use --level-tuning option"),
|
||||
)
|
||||
.ok();
|
||||
return;
|
||||
|
||||