CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Feature/verbose output rule and file#188 (#219)

Browse Source 
* added verbose output rule and evtx path #188

* fixed typo

* changed yaml read error to warn message #188

- added AlertMessage::warn
- yaml read error changed from error to warn
This commit is contained in:
DustInDark
2021-11-20 09:10:17 +09:00
committed by GitHub
parent bad4429ad0
commit e2ac686c3f
5 changed files with 27 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/detections/detection.rs
View File

@@ -49,11 +49,11 @@ impl Detection {
pub fn parse_rule_files(level: String) -> Vec<RuleNode> {
// ルールファイルのパースを実行
let mut rulefile_loader = ParseYaml::new();
let resutl_readdir = rulefile_loader.read_dir(DIRPATH_RULES, &level);
if resutl_readdir.is_err() {
let result_readdir = rulefile_loader.read_dir(DIRPATH_RULES, &level);
if result_readdir.is_err() {
AlertMessage::alert(
&mut std::io::stderr().lock(),
format!("{}", resutl_readdir.unwrap_err()),
format!("{}", result_readdir.unwrap_err()),
)
.ok();
return vec![];
@@ -69,10 +69,10 @@ impl Detection {
err_msgs_result.err().iter().for_each(|err_msgs| {
let errmsg_body =
format!("Failed to parse Rule file. (FilePath : {})", rule.rulepath);
AlertMessage::alert(&mut std::io::stderr().lock(), errmsg_body).ok();
AlertMessage::warn(&mut std::io::stdout().lock(), errmsg_body).ok();
err_msgs.iter().for_each(|err_msg| {
AlertMessage::alert(&mut std::io::stderr().lock(), err_msg.to_string()).ok();
AlertMessage::warn(&mut std::io::stdout().lock(), err_msg.to_string()).ok();
});
println!(""); // 一行開けるためのprintln
});