mv: full-data option check #606

2022-06-29 22:15:35 +09:00
parent 59f79161be
commit 8bf5752cc7
2 changed files with 9 additions and 6 deletions
--- a/src/detections/detection.rs
+++ b/src/detections/detection.rs
@@ -248,6 +248,12 @@ impl Detection {
                Some(str) => str.to_owned(),
                None => recinfo.as_ref().unwrap_or(&"-".to_string()).to_string(),
        };
+        let opt_record_info = if configs::CONFIG.read().unwrap().args.full_data {
+            recinfo
+        } else {
+            None
+        };
+
        let detect_info = DetectInfo {
            filepath: record_info.evtx_filepath.to_string(),
            rulepath: rule.rulepath.to_string(),
@@ -260,7 +266,7 @@ impl Detection {
            alert: rule.yaml["title"].as_str().unwrap_or("").to_string(),
            detail: String::default(),
            tag_info: tag_info.join(" | "),
-            record_information: recinfo,
+            record_information: opt_record_info,
            record_id: rec_id,
        };
        MESSAGES.lock().unwrap().insert(
--- a/src/detections/utils.rs
+++ b/src/detections/utils.rs
@@ -235,11 +235,8 @@ pub fn create_rec_info(data: Value, path: String, keys: &[String]) -> EvtxRecord

    // EvtxRecordInfoを作る
    let data_str = data.to_string();
-    let rec_info = if configs::CONFIG.read().unwrap().args.full_data {
-        Option::Some(create_recordinfos(&data))
-    } else {
-        Option::None
-    };
+    let rec_info = Option::Some(create_recordinfos(&data));
+    
    EvtxRecordInfo {
        evtx_filepath: path,
        record: data,