From 916921455349f0ff6232acc49360dec1275004c5 Mon Sep 17 00:00:00 2001
From: ichiichi11
Date: Sat, 4 Dec 2021 19:09:41 +0900
Subject: [PATCH] fix bug.
---
 src/main.rs | 3 ++-
 src/yaml.rs | 4 ++--
 2 files changed, 4 insertions(+), 3 deletions(-)
diff --git a/src/main.rs b/src/main.rs
index 6c257089..15255e6e 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -131,6 +131,7 @@ fn analysis_files(evtx_files: Vec) {
 .args
 .is_present("show-noisyalerts")
 {
+ ids += "\n"; // 改行を入れないとexclude-rulesの一番最後の行とnoisy-rules.txtの一番最後の行が一行にまとめられてしまう。
 ids += &String::from_utf8(fs::read("config/noisy-rules.txt").unwrap()).unwrap();
 }
@@ -138,7 +139,7 @@ fn analysis_files(evtx_files: Vec) {
 no_use_rule: HashSet::new(),
 };
- for v in ids.split_whitespace().next() {
+ for v in ids.split_whitespace() {
 fill_ids.no_use_rule.insert(v.to_string());
 }
 let rule_files = detection::Detection::parse_rule_files(
diff --git a/src/yaml.rs b/src/yaml.rs
index 98fccf0a..8c89ec01 100644
--- a/src/yaml.rs
+++ b/src/yaml.rs
@@ -142,8 +142,8 @@ impl ParseYaml {
 .no_use_rule
 .get(&yaml_doc["id"].as_str().unwrap_or("").to_string())
 {
- Some(_) => (),
- None => {
+ None => (),
+ Some(_) => {
 self.ignorerule_count += 1;
 return Option::None;
 }
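Review bot: The context line right after the added `ids += "\n";` still reads `config/noisy-rules.txt` through two `unwrap()` calls, so a missing or non-UTF-8 file panics the scanner instead of reporting which configuration file is at fault; `fs::read_to_string("config/noisy-rules.txt")` with a handled error would fail more clearly. The new comment would be easier for other maintainers to follow in English, for example `// Separator: without it the last exclude-rules ID and the first noisy-rules ID merge into a single token`. The enclosing `if` and the code that fills `ids` from the exclude list lie outside the hunk, so whether that earlier read is handled the same way cannot be seen here.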
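Review bot: The loop `for v in ids.split_whitespace()` can be written as `fill_ids.no_use_rule.extend(ids.split_whitespace().map(str::to_string));`, which says in one line that every token becomes an excluded ID. Since this set decides which detection rules are skipped, a unit test that joins two multi-line lists and asserts each ID ends up in `no_use_rule` would pin the behaviour that the earlier `.next()` call broke. Tokens are not checked against any ID format, so stray text in either list file is inserted as an ID too; that is presumably harmless, but worth a one-line comment. The function body continues outside the hunk.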
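Review bot: A `match` whose `None` arm is empty is easy to get backwards; a membership test, `.no_use_rule.contains(yaml_doc["id"].as_str().unwrap_or(""))` inside an `if`, states the intent directly and avoids the `to_string()` allocation per rule. A rule with no `id` key is looked up as the empty string and therefore always loads unless the set holds an empty entry, which seems intended but deserves a short comment such as `// rules without an id can never be excluded`. A test that parses one listed and one unlisted rule and checks `ignorerule_count` would guard this branch against being inverted again. The head of the `match` expression and the rest of the method are outside the hunk.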