CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

V1.3.0 release finalization (#564)

Browse Source 
* readme, cargo, usages  update

* readme update
This commit is contained in:
Yamato Security
2022-06-04 06:53:40 +09:00
committed by GitHub
parent 0df42b67ba
commit bdd841f872
4 changed files with 131 additions and 133 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
src/detections/configs.rs
View File

@@ -69,32 +69,32 @@ fn build_app<'a>() -> ArgMatches<'a> {
return ArgMatches::default();
}
let usages = "-d --directory=[DIRECTORY] 'Directory of multiple .evtx files.'
-f --filepath=[FILEPATH] 'File path to one .evtx file.'
-F --full-data 'Print all field information.'
-r --rules=[RULEDIRECTORY/RULEFILE] 'Rule file or directory (default: ./rules)'
-C --config=[RULECONFIGDIRECTORY] 'Rule config folder. (Default: ./rules/config)'
-o --output=[CSV_TIMELINE] 'Save the timeline in CSV format. (Example: results.csv)'
let usages = "-d, --directory [DIRECTORY] 'Directory of multiple .evtx files.'
-f, --filepath [FILE_PATH] 'File path to one .evtx file.'
-F, --full-data 'Print all field information.'
-r, --rules [RULE_DIRECTORY/RULE_FILE] 'Rule directory or file (default: ./rules)'
-C, --config [RULE_CONFIG_DIRECTORY] 'Rule config folder. (Default: ./rules/config)'
-o, --output [CSV_TIMELINE] 'Save the timeline in CSV format. (Example: results.csv)'
--all-tags 'Output all tags when saving to a CSV file.'
-R --display-record-id 'Display EventRecordID.'
-v --verbose 'Output verbose information.'
-D --enable-deprecated-rules 'Enable rules marked as deprecated.'
-n --enable-noisy-rules 'Enable rules marked as noisy.'
-u --update-rules 'Update to the latest rules in the hayabusa-rules github repository.'
-m --min-level=[LEVEL] 'Minimum level for rules. (Default: informational)'
-l --live-analysis 'Analyze the local C:\\Windows\\System32\\winevt\\Logs folder (Windows Only. Administrator privileges required.)'
--start-timeline=[STARTTIMELINE] 'Start time of the event logs to load. (Example: \"2018-11-28 12:00:00 +09:00\")'
--end-timeline=[ENDTIMELINE] 'End time of the event logs to load. (Example: \"2021-11-28 12:00:00 +09:00\")'
-R, --display-record-id 'Display EventRecordID.'
-v, --verbose 'Output verbose information.'
-D, --enable-deprecated-rules 'Enable rules marked as deprecated.'
-n, --enable-noisy-rules 'Enable rules marked as noisy.'
-u, --update-rules 'Update to the latest rules in the hayabusa-rules github repository.'
-m, --min-level [LEVEL] 'Minimum level for rules. (Default: informational)'
-l, --live-analysis 'Analyze the local C:\\Windows\\System32\\winevt\\Logs folder (Windows Only. Administrator privileges required.)'
--start-timeline [START_TIMELINE] 'Start time of the event logs to load. (Example: \"2018-11-28 12:00:00 +09:00\")'
--end-timeline [END_TIMELINE] 'End time of the event logs to load. (Example: \"2021-11-28 12:00:00 +09:00\")'
--rfc-2822 'Output date and time in RFC 2822 format. (Example: Mon, 07 Aug 2006 12:34:56 -0600)'
--rfc-3339 'Output date and time in RFC 3339 format. (Example: 2006-08-07T12:34:56.485214 -06:00)'
-U --utc 'Output time in UTC format. (Default: local time)'
-U, --utc 'Output time in UTC format. (Default: local time)'
--no-color 'Disable color output.'
-t --thread-number=[NUMBER] 'Thread number. (Default: Optimal number for performance.)'
-s --statistics 'Prints statistics of event IDs.'
-L --logon-summary 'Successful and failed logons summary.'
-q --quiet 'Quiet mode. Do not display the launch banner.'
-Q --quiet-errors 'Quiet errors mode. Do not save error logs.'
-p --pivot-keywords-list 'Create a list of pivot keywords.'
-t, --thread-number [NUMBER] 'Thread number. (Default: Optimal number for performance.)'
-s, --statistics 'Prints statistics of event IDs.'
-L, --logon-summary 'Successful and failed logons summary.'
-q, --quiet 'Quiet mode. Do not display the launch banner.'
-Q, --quiet-errors 'Quiet errors mode. Do not save error logs.'
-p, --pivot-keywords-list 'Create a list of pivot keywords.'
--contributors 'Prints the list of contributors.'";
App::new(&program)
.about("Hayabusa: Aiming to be the world's greatest Windows event log analysis tool!")