diff --git a/src/detections/detection.rs b/src/detections/detection.rs
index 70225051..6aaa6179 100644
--- a/src/detections/detection.rs
+++ b/src/detections/detection.rs
@@ -5,6 +5,7 @@ use crate::detections::print::AlertMessage;
 use crate::detections::print::ERROR_LOG_STACK;
 use crate::detections::print::MESSAGES;
 use crate::detections::print::QUIET_ERRORS_FLAG;
+use crate::detections::print::STATISTICS_FLAG;
 use crate::detections::rule;
 use crate::detections::rule::AggResult;
 use crate::detections::rule::RuleNode;
@@ -273,6 +274,9 @@ impl Detection {
 parseerror_count: &u128,
 ignore_count: &u128,
 ) {
+ if *STATISTICS_FLAG {
+ return;
+ }
 let mut total = parseerror_count + ignore_count;
 rc.into_iter().for_each(|(key, value)| {
 println!("{} rules: {}", key, value);
diff --git a/src/detections/print.rs b/src/detections/print.rs
index 6c9ef6b8..3b20520b 100644
--- a/src/detections/print.rs
+++ b/src/detections/print.rs
@@ -228,11 +228,13 @@ impl AlertMessage {
 for error_log in ERROR_LOG_STACK.lock().unwrap().iter() {
 writeln!(error_log_writer, "{}", error_log).ok();
 }
+ println!("");
 println!(
 "Errors were generated. Please check {} for details.",
 ERROR_LOG_PATH.to_string()
 );
 println!("");
+ println!("");
 }
 
 /// ERRORメッセージを表示する関数
diff --git a/src/main.rs b/src/main.rs
index 6bb33feb..1d932468 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -70,6 +70,7 @@ impl App {
 "{}",
 configs::CONFIG.read().unwrap().args.usage().to_string()
 );
+ println!("");
 return;
 }
 if let Some(csv_path) = configs::CONFIG.read().unwrap().args.value_of("output") {
@@ -87,6 +88,7 @@ impl App {
 }
 if *STATISTICS_FLAG {
 println!("Generating Event ID Statistics");
+ println!("");
 }
 if let Some(filepath) = configs::CONFIG.read().unwrap().args.value_of("filepath") {
 if !filepath.ends_with(".evtx") {
diff --git a/src/timeline/timeline.rs b/src/timeline/timeline.rs
index 890212af..5b0a9c57 100644
--- a/src/timeline/timeline.rs
+++ b/src/timeline/timeline.rs
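Review bot: The early return on `*STATISTICS_FLAG` added at the top of the body suppresses the entire rule-load report, including the parse-error and ignored-rule counts that `total` is built from on the following line, so in statistics mode a malformed rule file no longer shows up on stdout; if that is intended it deserves a comment, and it is worth confirming that the per-rule error logging elsewhere still runs independently of this printer. Suggested comment above the guard: `// Statistics mode prints only the event ID summary; skip the rule-load report entirely.` A cleaner alternative is to gate the call at its call site so this function stays a plain reporter with no knowledge of the global flag. The function's signature and the rest of its body lie outside the hunk.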
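Review bot: Both added lines use `println!("")`, which clippy flags under `println_empty_string`; write them as `println!()` (the same applies to the blank-line prints this commit adds in main.rs). Separately, the loop just above writes each entry with `writeln!(error_log_writer, "{}", error_log).ok()`, so a failed write to the error log is silently dropped and the newly framed "Errors were generated. Please check ... for details." message can direct the user to an incomplete file; consider counting or propagating write failures before printing that message. The enclosing function starts outside the hunk.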
@@ -37,11 +37,11 @@ impl Timeline {
 //println!("map -> {:#?}", evtstat_map);
 let mut sammsges: Vec = Vec::new();
 sammsges.push("---------------------------------------".to_string());
- sammsges.push(format!("Evtx_File_Path:{}", self.stats.filepath));
- sammsges.push(format!("Total_counts : {}\n", self.stats.total));
- sammsges.push(format!("firstevent_time: {}", self.stats.start_time));
- sammsges.push(format!("lastevent_time: {}\n", self.stats.end_time));
- sammsges.push("count(rate)\tID\tevent\t\ttimeline".to_string());
+ sammsges.push(format!("Evtx File Path: {}", self.stats.filepath));
+ sammsges.push(format!("Total Event Records: {}\n", self.stats.total));
+ sammsges.push(format!("First Timestamp: {}", self.stats.start_time));
+ sammsges.push(format!("Last Timestamp: {}\n", self.stats.end_time));
+ sammsges.push("Count (Percent)\tID\tEvent\t\tTimeline".to_string());
 sammsges.push("--------------- ------- --------------- -------".to_string());
 // 集計件数でソート
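Review bot: The header row is renamed to `Count (Percent)`, but the rows that fill that column are formatted outside this hunk; if they still print a ratio rather than a percentage (the old label said `rate`), the new heading misstates the value, so confirm the row formatting actually emits a `%` figure. The label renames (`Evtx_File_Path:` to `Evtx File Path:`, `Total_counts` to `Total Event Records`, and the timestamp labels) also change stable-looking output that downstream scripts may grep, which deserves a changelog entry. The surrounding function starts and ends outside the hunk.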