add sysmon

src/detections/detection.rs

@@ -3,8 +3,8 @@ extern crate quick_xml;
 use crate::detections::application;
 use crate::detections::common;
 use crate::detections::security;
-use crate::detections::system;
 use crate::detections::sysmon;
+use crate::detections::system;
 use crate::models::event;
 use evtx::EvtxParser;
 use quick_xml::de::DeError;

src/detections/mod.rs

@@ -2,5 +2,5 @@ mod application;
 mod common;
 pub mod detection;
 mod security;
-mod system;
 mod sysmon;
+mod system;

src/detections/sysmon.rs

@@ -24,10 +24,10 @@ impl Sysmon {
     fn sysmon_event_1(&mut self, event_data: HashMap<String, String>) {
         println!("Message : Sysmon event 1");
         if let Some(_image) = event_data.get("Image") {
-            println!("_image : {}",_image);
+            println!("_image : {}", _image);
         }
         if let Some(_command_line) = event_data.get("CommandLine") {
-            println!("_command_line : {}",_command_line);
+            println!("_command_line : {}", _command_line);
         }
     }