Merge branch '687-change-pipe-separator-character' into 654-enhancement-output-to-json
This commit is contained in:
DastInDark
@@ -326,7 +326,7 @@ impl Detection {
|
||||
.filter(|x| TAGS_CONFIG.values().contains(x))
|
||||
.map(|y| y.to_owned())
|
||||
.collect();
|
||||
profile_converter.insert("%MitreTactics%".to_string(), tactics.join(" : "));
|
||||
profile_converter.insert("%MitreTactics%".to_string(), tactics.join(" ¦ "));
|
||||
}
|
||||
"%MitreTags%" => {
|
||||
let techniques: &Vec<String> = &tag_info
|
||||
@@ -342,7 +342,7 @@ impl Detection {
|
||||
make_ascii_titlecase(&mut replaced_tag)
|
||||
})
|
||||
.collect();
|
||||
profile_converter.insert("%MitreTags%".to_string(), techniques.join(" : "));
|
||||
profile_converter.insert("%MitreTags%".to_string(), techniques.join(" ¦ "));
|
||||
}
|
||||
"%OtherTags%" => {
|
||||
let tags: &Vec<String> = &tag_info
|
||||
@@ -355,7 +355,7 @@ impl Detection {
|
||||
})
|
||||
.map(|y| y.to_owned())
|
||||
.collect();
|
||||
profile_converter.insert("%OtherTags%".to_string(), tags.join(" : "));
|
||||
profile_converter.insert("%OtherTags%".to_string(), tags.join(" ¦ "));
|
||||
}
|
||||
|
||||
_ => {}
|
||||
@@ -458,7 +458,7 @@ impl Detection {
|
||||
.filter(|x| TAGS_CONFIG.values().contains(x))
|
||||
.map(|y| y.to_owned())
|
||||
.collect();
|
||||
profile_converter.insert("%MitreTactics%".to_string(), tactics.join(" : "));
|
||||
profile_converter.insert("%MitreTactics%".to_string(), tactics.join(" ¦ "));
|
||||
}
|
||||
"%MitreTags%" => {
|
||||
let techniques: &Vec<String> = &tag_info
|
||||
@@ -474,7 +474,7 @@ impl Detection {
|
||||
make_ascii_titlecase(&mut replaced_tag)
|
||||
})
|
||||
.collect();
|
||||
profile_converter.insert("%MitreTags%".to_string(), techniques.join(" : "));
|
||||
profile_converter.insert("%MitreTags%".to_string(), techniques.join(" ¦ "));
|
||||
}
|
||||
"%OtherTags%" => {
|
||||
let tags: &Vec<String> = &tag_info
|
||||
@@ -487,7 +487,7 @@ impl Detection {
|
||||
})
|
||||
.map(|y| y.to_owned())
|
||||
.collect();
|
||||
profile_converter.insert("%OtherTags%".to_string(), tags.join(" : "));
|
||||
profile_converter.insert("%OtherTags%".to_string(), tags.join(" ¦ "));
|
||||
}
|
||||
_ => {}
|
||||
}
|
||||
|
||||
@@ -297,15 +297,10 @@ fn create_recordinfos(record: &Value) -> String {
|
||||
|
||||
let summary: Vec<String> = output
|
||||
.iter()
|
||||
.map(|(key, value)| format!("{}:{}", key, value))
|
||||
.map(|(key, value)| format!("{}: {}", key, value))
|
||||
.collect();
|
||||
|
||||
// 標準出力する時はセルがハイプ区切りになるので、パイプ区切りにしない
|
||||
if configs::CONFIG.read().unwrap().args.output.is_some() {
|
||||
summary.join(" | ")
|
||||
} else {
|
||||
summary.join(" ")
|
||||
}
|
||||
summary.join(" ¦ ")
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -510,7 +505,7 @@ mod tests {
|
||||
Ok(record) => {
|
||||
let ret = utils::create_recordinfos(&record);
|
||||
// Systemは除外される/属性(_attributesも除外される)/key順に並ぶ
|
||||
let expected = "AccessMask:%%1369 Process:lsass.exe User:u1".to_string();
|
||||
let expected = "AccessMask: %%1369 ¦ Process: lsass.exe ¦ User: u1".to_string();
|
||||
assert_eq!(ret, expected);
|
||||
}
|
||||
Err(_) => {
|
||||
@@ -544,7 +539,7 @@ mod tests {
|
||||
Ok(record) => {
|
||||
let ret = utils::create_recordinfos(&record);
|
||||
// Systemは除外される/属性(_attributesも除外される)/key順に並ぶ
|
||||
let expected = "Binary:hogehoge Data: Data:Data1 Data:DataData2 Data:DataDataData3"
|
||||
let expected = "Binary: hogehoge ¦ Data: ¦ Data: Data1 ¦ Data: DataData2 ¦ Data: DataDataData3"
|
||||
.to_string();
|
||||
assert_eq!(ret, expected);
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user