CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

add test for exclude rules

Browse Source
This commit is contained in:
kazuminn
2021-12-09 00:57:40 +09:00
parent c8473b7668
commit b9831ca38a
4 changed files with 56 additions and 57 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/detections/detection.rs
View File

@@ -11,7 +11,7 @@ use crate::detections::print::MESSAGES;
use crate::detections::rule;
use crate::detections::rule::RuleNode;
use crate::detections::utils::get_serde_number_to_string;
use crate::fillter::RuleFill;
use crate::fillter;
use crate::yaml::ParseYaml;
use std::sync::Arc;
@@ -55,7 +55,7 @@ impl Detection {
pub fn parse_rule_files(
level: String,
rulespath: Option<&str>,
fill_ids: &RuleFill,
fill_ids: &fillter::RuleFill,
) -> Vec<RuleNode> {
// ルールファイルのパースを実行
let mut rulefile_loader = ParseYaml::new();
@@ -275,9 +275,7 @@ impl Detection {
fn test_parse_rule_files() {
let level = "informational";
let opt_rule_path = Some("./test_files/rules/level_yaml");
let fill_ids = RuleFill {
no_use_rule: std::collections::HashSet::new(),
};
let cole = Detection::parse_rule_files(level.to_owned(), opt_rule_path, &fill_ids);
let cole =
Detection::parse_rule_files(level.to_owned(), opt_rule_path, &fillter::exclude_ids());
assert_eq!(5, cole.len());
}