CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'main' into 583-enhancement-output-processing-rules-msg-and-rule-status-metrics

Browse Source
This commit is contained in:
DustInDark
2022-06-11 15:29:14 +09:00
committed by GitHub
parent 2da0eb16e0 b71fc15e66
commit d37c6b1866
9 changed files with 69 additions and 33 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
src/detections/detection.rs
View File

@@ -9,7 +9,7 @@ use crate::detections::print::MESSAGES;
use crate::detections::print::PIVOT_KEYWORD_LIST_FLAG;
use crate::detections::print::QUIET_ERRORS_FLAG;
use crate::detections::print::STATISTICS_FLAG;
use crate::detections::print::{CH_CONFIG, IS_DISPLAY_RECORD_ID, TAGS_CONFIG};
use crate::detections::print::{CH_CONFIG, IS_HIDE_RECORD_ID, TAGS_CONFIG};
use crate::detections::rule;
use crate::detections::rule::AggResult;
use crate::detections::rule::RuleNode;
@@ -233,7 +233,7 @@ impl Detection {
.record_information
.as_ref()
.map(|recinfo| recinfo.to_string());
let rec_id = if *IS_DISPLAY_RECORD_ID {
let rec_id = if !*IS_HIDE_RECORD_ID {
Some(
get_serde_number_to_string(&record_info.record["Event"]["System"]["EventRecordID"])
.unwrap_or_default(),
@@ -281,7 +281,7 @@ impl Detection {
} else {
Option::None
};
let rec_id = if *IS_DISPLAY_RECORD_ID {
let rec_id = if !*IS_HIDE_RECORD_ID {
Some(String::default())
} else {
None