From eadf576065edb127b7407cb825cb3b11759a0b89 Mon Sep 17 00:00:00 2001
From: itiB
Date: Thu, 19 Nov 2020 01:21:03 +0900
Subject: [PATCH 1/3] Add: afterfact.rs for emit csv file
---
src/afterfact.rs | 31 +++++++++++++++++++++++++++++++
src/detections/print.rs | 4 ++++
src/lib.rs | 1 +
src/main.rs | 7 +++++++
4 files changed, 43 insertions(+)
create mode 100644 src/afterfact.rs
diff --git a/src/afterfact.rs b/src/afterfact.rs
new file mode 100644
index 00000000..076454e9
--- /dev/null
+++ b/src/afterfact.rs
@@ -0,0 +1,31 @@
+use crate::detections::configs;
+use crate::detections::print;
+use chrono::{DateTime, TimeZone, Utc};
+use serde::Serialize;
+use std::error::Error;
+
+#[derive(Debug, Serialize)]
+#[serde(rename_all = "PascalCase")]
+pub struct CsvFormat<'a> {
+ time: DateTime,
+ message: &'a str,
+}
+
+pub fn after_fact() -> Result<(), Box> {
+ if let Some(csv_path) = configs::singleton().args.value_of("csv-timeline") {
+ let mut wtr = csv::Writer::from_path(csv_path)?;
+ let messages = print::MESSAGES.lock().unwrap();
+
+ for (time, texts) in messages.iter() {
+ for text in texts {
+ wtr.serialize(CsvFormat {
+ time: *time,
+ message: text,
+ })?;
+ }
+ }
+ wtr.flush()?;
+ }
+
+ Ok(())
+}
diff --git a/src/detections/print.rs b/src/detections/print.rs
index 793737e4..fc1a4955 100644
--- a/src/detections/print.rs
+++ b/src/detections/print.rs
@@ -45,6 +45,10 @@ impl Message {
pub fn debug(&self) {
println!("{:?}", self.map);
}
+
+ pub fn iter(&self) -> &BTreeMap, Vec> {
+ &self.map
+ }
}
#[test]
diff --git a/src/lib.rs b/src/lib.rs
index d9abfe41..2f0bb054 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,3 +1,4 @@
+pub mod afterfact;
pub mod detections;
pub mod models;
pub mod omikuji;
diff --git a/src/main.rs b/src/main.rs
index c2e44c76..50fd0e2e 100644
--- a/src/main.rs
+++ b/src/main.rs
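Review bot: The `message: text` cell in the `wtr.serialize(CsvFormat { … })` call of src/afterfact.rs is written verbatim, and CSV quoting only protects delimiters, so a message that begins with `=`, `+`, `-`, `@`, a tab or a carriage return is evaluated as a formula when an analyst opens the timeline in a spreadsheet. If the strings held in `print::MESSAGES` can carry field values taken from the parsed event logs (their origin is not visible in this patch), that content is attacker-influenced. Prefixing such cells with an apostrophe before serialising, as sketched below, closes that path; PATCH 2/3 moves the same loop unchanged into `emit_csv`, so the guard belongs there as well. If altering the recorded text is not acceptable for evidence handling, document instead that the CSV must be imported as plain text.

```rust
// … unchanged: csv_path lookup, csv::Writer::from_path, MESSAGES lock …
for (time, texts) in messages.iter() {
    for text in texts {
        // A leading =, +, -, @, tab or CR makes spreadsheet software treat the cell as a formula.
        let needs_guard = text.starts_with(|c: char| "=+-@\t\r".contains(c));
        let cell = if needs_guard {
            format!("'{}", text)
        } else {
            text.to_string()
        };
        wtr.serialize(CsvFormat {
            time: *time,
            message: &cell,
        })?;
    }
}
// … unchanged: wtr.flush() …
```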
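Review bot: `Message::iter` in src/detections/print.rs returns a reference to the whole backing map rather than an iterator, so the name promises something the signature does not deliver and every caller is tied to the container type. Returning `self.map.iter()` would keep the `for (time, texts) in messages.iter()` loop in afterfact.rs working while hiding the map. If the map reference is intended, keep the body and add a doc comment such as `/// Borrows the timestamp-to-messages map for read-only traversal.` The `impl Message` block starts outside this hunk.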
@@ -1,8 +1,11 @@
extern crate serde;
+#[macro_use]
+extern crate serde_derive;
use evtx::EvtxParser;
use quick_xml::de::DeError;
use std::{fs, path::PathBuf, process};
+use yamato_event_analyzer::afterfact::after_fact;
use yamato_event_analyzer::detections::configs;
use yamato_event_analyzer::detections::detection;
use yamato_event_analyzer::omikuji::Omikuji;
@@ -17,6 +20,10 @@ fn main() -> Result<(), DeError> {
parse_file(&filepath);
}
+ if let Err(err) = after_fact() {
+ println!("{}", err);
+ }
+
Ok(())
}
From d4ceb8ea8f80e1069cc7e7995dc2820a5749a362 Mon Sep 17 00:00:00 2001
From: itiB
Date: Sun, 22 Nov 2020 17:05:44 +0900
Subject: [PATCH 2/3] Add: test for emit_csv
---
src/afterfact.rs | 54 +++++++++++++++++++++++++++++++++++++-----------
1 file changed, 42 insertions(+), 12 deletions(-)
diff --git a/src/afterfact.rs b/src/afterfact.rs
index 076454e9..b919b3d0 100644
--- a/src/afterfact.rs
+++ b/src/afterfact.rs
@@ -13,19 +13,49 @@ pub struct CsvFormat<'a> {
pub fn after_fact() -> Result<(), Box> {
if let Some(csv_path) = configs::singleton().args.value_of("csv-timeline") {
- let mut wtr = csv::Writer::from_path(csv_path)?;
- let messages = print::MESSAGES.lock().unwrap();
-
- for (time, texts) in messages.iter() {
- for text in texts {
- wtr.serialize(CsvFormat {
- time: *time,
- message: text,
- })?;
- }
- }
- wtr.flush()?;
+ emit_csv(csv_path)?;
}
Ok(())
}
+
+fn emit_csv(path: &str) -> Result<(), Box> {
+ let mut wtr = csv::Writer::from_path(path)?;
+ let messages = print::MESSAGES.lock().unwrap();
+
+ for (time, texts) in messages.iter() {
+ for text in texts {
+ wtr.serialize(CsvFormat {
+ time: *time,
+ message: text,
+ })?;
+ }
+ }
+ wtr.flush()?;
+ Ok(())
+}
+
+use std::fs::{read_to_string, remove_file};
+use std::io::Read;
+
+#[test]
+fn test_emit_csv() {
+ {
+ let mut messages = print::MESSAGES.lock().unwrap();
+ let poke = Utc.ymd(1996, 2, 27).and_hms(1, 5, 1);
+ messages.insert(poke, "pokepoke".to_string());
+ }
+
+ let expect = "Time,Message
+1996-02-27T01:05:01Z,pokepoke
+";
+
+ assert!(emit_csv(&"./test_emit_csv.csv".to_string()).is_ok());
+
+ match read_to_string("./test_emit_csv.csv") {
+ Err(_) => panic!("Failed to open file"),
+ Ok(s) => assert_eq!(s, expect),
+ };
+
+ assert!(remove_file("./test_emit_csv.csv").is_ok());
+}
From 90bf79f85b6dc7ded61429fdceb0f1b7a34f2f6c Mon Sep 17 00:00:00 2001
From: itiB
Date: Sun, 29 Nov 2020 02:04:28 +0900
Subject: [PATCH 3/3] rm: after_fact()'s return val(Error)
---
src/afterfact.rs | 10 ++++++----
src/main.rs | 4 +---
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/afterfact.rs b/src/afterfact.rs
index b919b3d0..38b31e5f 100644
--- a/src/afterfact.rs
+++ b/src/afterfact.rs
@@ -3,6 +3,7 @@ use crate::detections::print;
use chrono::{DateTime, TimeZone, Utc};
use serde::Serialize;
use std::error::Error;
+use std::process;
#[derive(Debug, Serialize)]
#[serde(rename_all = "PascalCase")]
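Review bot: `test_emit_csv` compares the entire output file with a fixed string, but the rows come from the process-wide `print::MESSAGES`. Any other test in the same binary that inserts into that map can therefore change the result depending on test order and threading; the print.rs hunk context shows a `#[test]` directly after `impl Message`, though its body is not visible here. Taking the messages as a parameter, presumably `fn emit_csv(path: &str, messages: &print::Message)` with the return type unchanged, would let the test build its own map instead of locking the global. The fixed `./test_emit_csv.csv` file is also left behind whenever an earlier assertion fails, and `use std::io::Read;` is not used by anything in the added code.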
@@ -11,12 +12,13 @@ pub struct CsvFormat<'a> {
message: &'a str,
}
-pub fn after_fact() -> Result<(), Box> {
+pub fn after_fact() {
if let Some(csv_path) = configs::singleton().args.value_of("csv-timeline") {
- emit_csv(csv_path)?;
+ if let Err(err) = emit_csv(csv_path) {
+ println!("{}", err);
+ process::exit(1);
+ }
}
-
- Ok(())
}
fn emit_csv(path: &str) -> Result<(), Box> {
diff --git a/src/main.rs b/src/main.rs
index 50fd0e2e..ddfc4c4e 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -20,9 +20,7 @@ fn main() -> Result<(), DeError> {
parse_file(&filepath);
}
- if let Err(err) = after_fact() {
- println!("{}", err);
- }
+ after_fact();
Ok(())
}
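Review bot: The failure branch added to `after_fact` reports the error with `println!`, which puts it on stdout alongside anything else the tool prints there, and it omits the path that could not be written. Use `eprintln!("Failed to write CSV timeline to {}: {}", csv_path, err);` so the message reaches stderr and names the file. Consider also that `process::exit(1)` inside a library function ends the process without running destructors of live values and leaves this branch untestable. A doc comment on `after_fact` stating that it terminates the process on a write failure would at least make that contract visible to callers.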