From ac50a251ee3c05adad1460f5baea33a31e8b58d6 Mon Sep 17 00:00:00 2001
From: DustInDark
Date: Thu, 14 Apr 2022 22:45:04 +0900
Subject: [PATCH 1/2] changed level output from informational to info #491

---
 src/afterfact.rs | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/src/afterfact.rs b/src/afterfact.rs
index d6d4fcde..df195f8d 100644
--- a/src/afterfact.rs
+++ b/src/afterfact.rs
@@ -142,6 +142,10 @@ fn emit_csv(
 for (time, detect_infos) in messages.iter() {
 for detect_info in detect_infos {
+ let mut level = detect_info.level.to_string();
+ if level == "informational" {
+ level = "info".to_string();
+ }
 if displayflag {
 let colors = color_map
 .as_ref()
@@ -160,7 +164,7 @@ fn emit_csv(
 let dispformat = DisplayFormat {
 timestamp: &_format_cell(&format_time(time), ColPos::First, colors),
- level: &_format_cell(&detect_info.level, ColPos::Other, colors),
+ level: &_format_cell(&level, ColPos::Other, colors),
 computer: &_format_cell(&detect_info.computername, ColPos::Other, colors),
 event_i_d: &_format_cell(&detect_info.eventid, ColPos::Other, colors),
 rule_title: &_format_cell(&detect_info.alert, ColPos::Other, colors),
@@ -172,7 +176,7 @@ fn emit_csv(
 // csv出力時フォーマット
 wtr.serialize(CsvFormat {
 timestamp: &format_time(time),
- level: &detect_info.level,
+ level: &level,
 computer: &detect_info.computername,
 event_i_d: &detect_info.eventid,
 mitre_attack: &detect_info.tag_info,

From 708427c37950c1a99a25dda303cad87ab7820315 Mon Sep 17 00:00:00 2001
From: DustInDark
Date: Thu, 14 Apr 2022 22:45:58 +0900
Subject: [PATCH 2/2] updated rules submodule

---
 rules | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/rules b/rules
index 4f1ad77b..feac3a4b 160000
--- a/rules
+++ b/rules
@@ -1 +1 @@
-Subproject commit 4f1ad77b0292d195ae250e161998df32d28a4e9a
+Subproject commit feac3a4b6f5a0e7e835eb29b2da95bcdb65e4015
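Review bot: The new mapping in the first hunk of src/afterfact.rs allocates a fresh `String` for every detection and then mutates it, where a borrowed choice expresses the same thing with neither the allocation nor the `mut`: `let level: &str = if detect_info.level == "informational" { "info" } else { &detect_info.level };` — the `&level` uses in the second and third hunks then rely on `_format_cell` and the `level` fields of `DisplayFormat`/`CsvFormat` accepting `&str`, which cannot be confirmed from these hunks. The comparison is also exact and case-sensitive, so a rule whose level is written with different casing (for example `Informational`) would still be emitted unchanged; unless rule levels are normalised earlier in the pipeline, `detect_info.level.eq_ignore_ascii_case("informational")` is the more robust test. Since the literal pair `"informational"`/`"info"` is the only place this rename is encoded, a small helper such as `fn display_level(level: &str) -> &str` would keep it in one spot for any other output path that prints levels. `emit_csv` starts before and ends after these hunks.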