Merge pull request #673 from Yamato-Security/672-enhancement-no-summary-option
Added the `--no-summary` option
@@ -9,6 +9,7 @@
|
||||
**改善:**
|
||||
|
||||
- 結果概要に各レベルで検知した上位5つのルールを表示するようにした。 (#667) (@hitenkoku)
|
||||
- 結果概要を出力しないようにするために `--no-summary` オプションを追加した。 (#672) (@hitenkoku)
|
||||
|
||||
**バグ修正:**
|
||||
|
||||
|
||||
+2
-1
@@ -8,7 +8,8 @@
|
||||
|
||||
**Enhancements:**
|
||||
|
||||
- Added top alert rules to results summary. (#667) (@hitenkoku)
|
||||
- Added top alerts to results summary. (#667) (@hitenkoku)
|
||||
- Added `--no-summary` option to not display the results summary. (#672) (@hitenkoku)
|
||||
|
||||
**Bug Fixes:**
|
||||
|
||||
|
||||
@@ -392,6 +392,7 @@ OUTPUT:
|
||||
|
||||
DISPLAY-SETTINGS:
|
||||
--no-color カラー出力を無効にする
|
||||
--no-summary 結果概要を出力しない
|
||||
-q, --quiet Quietモード: 起動バナーを表示しない
|
||||
-v, --verbose 詳細な情報を出力する
|
||||
-V, --visualize-timeline イベント頻度タイムラインを出力する
|
||||
|
||||
@@ -384,6 +384,7 @@ OUTPUT:
|
||||
|
||||
DISPLAY-SETTINGS:
|
||||
--no-color Disable color output
|
||||
--no-summary Do not display result summary
|
||||
-q, --quiet Quiet mode: do not display the launch banner
|
||||
-v, --verbose Output verbose information
|
||||
-V, --visualize-timeline Output event frequency timeline
|
||||
|
||||
+70
-68
@@ -326,77 +326,79 @@ fn emit_csv<W: std::io::Write>(
|
||||
}
|
||||
};
|
||||
|
||||
disp_wtr_buf.clear();
|
||||
write_color_buffer(
|
||||
&disp_wtr,
|
||||
get_writable_color(Some(Color::Rgb(0, 255, 0))),
|
||||
"Results Summary:",
|
||||
true,
|
||||
)
|
||||
.ok();
|
||||
if !configs::CONFIG.read().unwrap().args.no_summary {
|
||||
disp_wtr_buf.clear();
|
||||
write_color_buffer(
|
||||
&disp_wtr,
|
||||
get_writable_color(Some(Color::Rgb(0, 255, 0))),
|
||||
"Results Summary:",
|
||||
true,
|
||||
)
|
||||
.ok();
|
||||
|
||||
let terminal_width = match *TERM_SIZE {
|
||||
Some((Width(w), _)) => w as usize,
|
||||
None => 100,
|
||||
};
|
||||
println!();
|
||||
|
||||
if configs::CONFIG.read().unwrap().args.visualize_timeline {
|
||||
_print_timeline_hist(timestamps, terminal_width, 3);
|
||||
let terminal_width = match *TERM_SIZE {
|
||||
Some((Width(w), _)) => w as usize,
|
||||
None => 100,
|
||||
};
|
||||
println!();
|
||||
|
||||
if configs::CONFIG.read().unwrap().args.visualize_timeline {
|
||||
_print_timeline_hist(timestamps, terminal_width, 3);
|
||||
println!();
|
||||
}
|
||||
let reducted_record_cnt: u128 = all_record_cnt - detected_record_idset.len() as u128;
|
||||
let reducted_percent = if all_record_cnt == 0 {
|
||||
0 as f64
|
||||
} else {
|
||||
(reducted_record_cnt as f64) / (all_record_cnt as f64) * 100.0
|
||||
};
|
||||
write_color_buffer(
|
||||
&disp_wtr,
|
||||
get_writable_color(None),
|
||||
&format!(
|
||||
"Total events: {}",
|
||||
all_record_cnt.to_formatted_string(&Locale::en)
|
||||
),
|
||||
true,
|
||||
)
|
||||
.ok();
|
||||
write_color_buffer(
|
||||
&disp_wtr,
|
||||
get_writable_color(None),
|
||||
&format!(
|
||||
"Data reduction: {} events ({:.2}%)",
|
||||
reducted_record_cnt.to_formatted_string(&Locale::en),
|
||||
reducted_percent
|
||||
),
|
||||
true,
|
||||
)
|
||||
.ok();
|
||||
println!();
|
||||
|
||||
_print_unique_results(
|
||||
total_detect_counts_by_level,
|
||||
"Total".to_string(),
|
||||
"detections".to_string(),
|
||||
&color_map,
|
||||
);
|
||||
println!();
|
||||
|
||||
_print_unique_results(
|
||||
unique_detect_counts_by_level,
|
||||
"Unique".to_string(),
|
||||
"detections".to_string(),
|
||||
&color_map,
|
||||
);
|
||||
println!();
|
||||
|
||||
_print_detection_summary_by_date(detect_counts_by_date_and_level, &color_map);
|
||||
println!();
|
||||
|
||||
_print_detection_summary_by_computer(detect_counts_by_computer_and_level, &color_map);
|
||||
println!();
|
||||
|
||||
_print_detection_summary_by_rule(detect_counts_by_rule_and_level, &color_map);
|
||||
}
|
||||
let reducted_record_cnt: u128 = all_record_cnt - detected_record_idset.len() as u128;
|
||||
let reducted_percent = if all_record_cnt == 0 {
|
||||
0 as f64
|
||||
} else {
|
||||
(reducted_record_cnt as f64) / (all_record_cnt as f64) * 100.0
|
||||
};
|
||||
write_color_buffer(
|
||||
&disp_wtr,
|
||||
get_writable_color(None),
|
||||
&format!(
|
||||
"Total events: {}",
|
||||
all_record_cnt.to_formatted_string(&Locale::en)
|
||||
),
|
||||
true,
|
||||
)
|
||||
.ok();
|
||||
write_color_buffer(
|
||||
&disp_wtr,
|
||||
get_writable_color(None),
|
||||
&format!(
|
||||
"Data reduction: {} events ({:.2}%)",
|
||||
reducted_record_cnt.to_formatted_string(&Locale::en),
|
||||
reducted_percent
|
||||
),
|
||||
true,
|
||||
)
|
||||
.ok();
|
||||
println!();
|
||||
|
||||
_print_unique_results(
|
||||
total_detect_counts_by_level,
|
||||
"Total".to_string(),
|
||||
"detections".to_string(),
|
||||
&color_map,
|
||||
);
|
||||
println!();
|
||||
|
||||
_print_unique_results(
|
||||
unique_detect_counts_by_level,
|
||||
"Unique".to_string(),
|
||||
"detections".to_string(),
|
||||
&color_map,
|
||||
);
|
||||
println!();
|
||||
|
||||
_print_detection_summary_by_date(detect_counts_by_date_and_level, &color_map);
|
||||
println!();
|
||||
|
||||
_print_detection_summary_by_computer(detect_counts_by_computer_and_level, &color_map);
|
||||
println!();
|
||||
|
||||
_print_detection_summary_by_rule(detect_counts_by_rule_and_level, &color_map);
|
||||
|
||||
Ok(())
|
||||
}
|
||||
|
||||
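Review bot: The `_print_timeline_hist` call is now inside the new `if !configs::CONFIG.read().unwrap().args.no_summary {` block, so passing `--no-summary` also silences the `--visualize-timeline` histogram, although the option's help text only promises to hide the results summary. If that coupling is intended, the field doc in configs.rs should say so, e.g. `/// Do not display result summary (also hides the timeline histogram)`; otherwise move the `terminal_width`/`visualize_timeline` statements ahead of the `no_summary` check so the two options stay independent. The config lock is also acquired twice in this block (once for `no_summary`, once for `visualize_timeline`); reading both flags into locals up front, e.g. `let no_summary = configs::CONFIG.read().unwrap().args.no_summary;`, would take the lock once and keep the guard from being held while printing. emit_csv starts before this hunk.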
@@ -223,6 +223,10 @@ pub struct Config {
|
||||
/// Set default output profile
|
||||
#[clap(help_heading = Some("OTHER-ACTIONS"), long = "set-default-profile", value_name = "PROFILE")]
|
||||
pub set_default_profile: Option<String>,
|
||||
|
||||
/// Do not display result summary
|
||||
#[clap(help_heading = Some("DISPLAY-SETTINGS"), long = "no-summary")]
|
||||
pub no_summary: bool,
|
||||
}
|
||||
|
||||
impl ConfigReader<'_> {
|
||||
|
||||
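Review bot: The help text on the new field, `/// Do not display result summary`, does not match the wording used for the same option in the changelog entries ("results summary") or the heading this flag suppresses ("Results Summary:"); since the README help listing appears to be taken from this doc comment, aligning it here fixes both. Suggested: `/// Do not display the results summary`. The `Config` struct starts before this hunk.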