Commit Graph

64 Commits

Author SHA1 Message Date
kazuminn
bb6717f7cc Feature/improve parallel processing (#622)
* WIP until implementing Debug trait for DashMap

* change filename print.rs to message.rs

* implemented Debug for DashMap, but the member is private, so I could not implement it.

* I deleted debug for DashMap

* sorted datetime of dashmap

* delete the unnecessary comment
2022-07-14 12:33:58 +09:00
DustInDark
4f317e2c08 fixed test 2022-06-25 20:43:47 +09:00
DustInDark
20d82598e9 removed duplicated Deprecated count 2022-06-25 20:03:26 +09:00
DustInDark
b556b2061b cargo fmt 2022-06-25 19:32:38 +09:00
DustInDark
9b0344197b excluded test files from excluded count 2022-06-25 19:31:17 +09:00
DustInDark
1d6d74a378 ignored loading sigmac test yml file in hayabusa-rules #602 2022-06-25 00:28:07 +09:00
DustInDark
ade010b6e0 cargo fmt 2022-06-24 23:20:26 +09:00
DustInDark
30da5fb2a0 changed noisy rule counting and load condition 2022-06-24 23:19:31 +09:00
DustInDark
043318b11a added exclude-status option #596 2022-06-21 13:25:01 +09:00
DustInDark
91a781ffa2 changed way of getting arg due to clap derive 2022-06-16 17:40:58 +09:00
DustInDark
0f3f293606 fixed cargo clippy error 2022-06-11 04:38:52 +09:00
DustInDark
374db10a62 fixed test 2022-06-11 03:41:45 +09:00
DustInDark
71d58e6c62 separate load kind rule count and rules status count #583 2022-06-11 03:40:46 +09:00
DustInDark
8e2d1b6244 fixed test 2022-06-11 02:57:23 +09:00
DustInDark
056e63ce5a output status field summary #583 2022-06-11 02:55:20 +09:00
DustInDark
af5a85fc0c separate excluded and noisy rules count (#559)
* changed ignored rules display to show exclude rules and noisy rules separately.

* fixed tests #556

* cargo fmt

* updated changelog #556

* change order

* sorted output order #556

* cargo fmt

* screenshot update

Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-06-03 11:56:20 +09:00
DustInDark
4c1aa94eba display logo in green (#552)
* added termcolor reset function #537

* added logo green output #537

* fixed test

* cargo fmt

* updated changelog #537

* fixed clippy error

* update logo screenshot

* updated rules

* changed no colored logo when --no-color option is enabled

* fixed colored reset bug when --update-rules option is enabled

* fixed color reset bug when --level-tuning option is enabled

* cargo fmt

Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-05-31 17:06:12 +09:00
DustInDark
a973b5b0f6 added exclude condition to .git folder #524 2022-05-19 20:57:57 +09:00
DustInDark
06ccf8382b fixed to include noisy and exclude rules when level tuning #511 2022-04-20 18:30:05 +09:00
DustInDark
7c645010ee fixed process when yml file exists in .git folder
* ignore when yml file exists in .git folder
2022-03-30 21:02:14 +09:00
DustInDark
7c7a86f7c9 Fixed Clippy Warnings (#451)
* fixed clippy warn

* fixed cargo clippy warning

* fixed clippy warnings in clippy ver 0.1.59

* fixed clippy warnings clippy::unnecessary_to_owned
2022-03-17 08:43:48 +09:00
DustInDark
bb1f5f619d Fix/fix clippy warn (#434)
- Fixed the following Clippy warnings (previous warning count: 671 -> after: 4)
  - clippy::needless_return
  - clippy::println_empty_string
  - clippy::redundant_field_names
  - clippy::single_char_pattern
  - clippy::len_zero
  - clippy::iter_nth_zero
  - clippy::bool_comparison
  - clippy::question_mark
  - clippy::needless_collect
  - clippy::unnecessary_unwrap
  - clippy::ptr_arg
  - clippy::needless_collect
  - clippy::needless_borrow
  - clippy::new_without_default
  - clippy::assign_op_pattern
  - clippy::bool_assert_comparison
  - clippy::into_iter_on_ref
  - clippy::deref_addrof
  - clippy::while_let_on_iterator
  - clippy::match_like_matches_macro
  - clippy::or_fun_call
  - clippy::useless_conversion
  - clippy::let_and_return
  - clippy::redundant_clone
  - clippy::redundant_closure
  - clippy::cmp_owned
  - clippy::upper_case_acronyms
  - clippy::map_identity
  - clippy::unused_io_amount
  - clippy::assertions_on_constants
  - clippy::op_ref
  - clippy::useless_vec
  - clippy::vec_init_then_push
  - clippy::useless_format
  - clippy::bind_instead_of_map
  - clippy::bool_comparison
  - clippy::clone_on_copy
  - clippy::too_many_arguments
  - clippy::module_inception
  - fixed clippy::needless_lifetimes
  - fixed clippy::borrowed_box (Thanks for helping by hach1yon!)
2022-03-07 08:38:05 +09:00
DustInDark
92c472d451 Hotfix/moved rule configs to hayabusa rules repo #409 (#414)
* fixed target config path #409

* fixed target config file path in test #409

* fixed rules target #409

* Documentation fix, deleted unneeded config files

* added workflow

* changed submodule option

* fixed workflow to ref submodule

* fixed gitmodules

* fixed workflow

* check code insert

* added update submodules command

* test rules update

* removed test runs

* fixed error

Co-authored-by: Tanaka Zakku <71482215+YamatoSecurity@users.noreply.github.com>
2022-02-26 18:19:19 +09:00
DustInDark
df30adfdef changed hashmap library to tuneup #368 (#369)
* added color code emit_csv test

* replaced HashMap and HashSet to hashbrown #368

* removed debug output in test #368

* fixed colored test
2022-02-09 01:59:39 +09:00
DustInDark
84de8d01af remove yaml ignore check #271 (#385)
* removed yaml ignore label check #271

* moved exclude rule filter check #271

* fixed colored test
2022-02-09 01:59:12 +09:00
kazuminn
d1597b2322 Allow the rule location option to handle files (#364)
* add only rule file path in --rules

* add error handling for metadata

* refactor

* add test

* rename test function
2022-01-31 12:09:25 +09:00
DustInDark
3412434d99 fixed error 2021-12-22 14:56:10 +09:00
DustInDark
bccdd8fef9 fixed error
- changed writer from stderr to bufwriter

- changed alert, warn function arg from String to borrowed String
2021-12-21 14:44:26 +09:00
DustInDark
13494ec609 fixed tests
errored: no defined error file in alert function call
2021-12-21 02:53:46 +09:00
DustInDark
46211711d6 fixed #301 #303 #309
Squashed commit of the following:

commit 617f12177fbf5066e141b5c1adf969b25c03fa3c
Author: DustInDark <nextsasasa@gmail.com>
Date:   Tue Dec 21 00:57:13 2021 +0900

    fix test typo and merge #301

commit 78926ebf55ae48566152c4097990ca1b1b536b53
Merge: c492ba1 83d891b
Author: DustInDark <nextsasasa@gmail.com>
Date:   Tue Dec 21 00:22:55 2021 +0900

    Merge branch 'main' into feature/output_errorlog_file#301

commit c492ba120a0d977d909b714c2506bd198200853b
Author: DustInDark <nextsasasa@gmail.com>
Date:   Tue Dec 21 00:18:52 2021 +0900

    renamed hayabusa-logs to logs

commit ac018917300e535c2bfc62b6a9df081d4beb1568
Author: DustInDark <nextsasasa@gmail.com>
Date:   Mon Dec 20 23:48:48 2021 +0900

    changed output file path deprecated #303

commit dcef677117555f2fac929b6d3b24ac18b5fb08fc
Author: DustInDark <nextsasasa@gmail.com>
Date:   Mon Dec 20 23:47:42 2021 +0900

    removed error file delete logic

commit b09dec2e4a5c679c3b3c242a655f01cb3b49d490
Author: DustInDark <nextsasasa@gmail.com>
Date:   Mon Dec 20 23:46:49 2021 +0900

    fixed -Q option flag #309
2021-12-21 01:03:33 +09:00
DustInDark
1aebdca160 Revert "Feature/output errorlog#301" (#314) 2021-12-20 20:59:30 +09:00
DustInDark
3c1753109a fixed compile error #301 2021-12-20 15:28:00 +09:00
DustInDark
7d5f10e6cb changed rule read warn output from std to errorlog write #301 2021-12-20 11:47:49 +09:00
DustInDark
dbba49b815 Hotfix/not work count #278 (#281)
* fixed countup structure #278

* fixed countup structure and count up field logic #278

* fixed tests #278

* added no output aggregation detect message when output exists in rule yaml #232

* moved get_agg_condtion to rulenode function #278

* added field_values to output count fields data #232 #278

- fixed count logic #278
- fixed count test to adjust field_values add
- added count test

* fixed count output format #232

* fixed compile error

* fixed count output #232

- moved output check to create_count_output
- fixed yaml condition reference
- adjust top and tail multi space

* added create count output test #232

* removed count by file #278

- commented by @YamatoSecurity

* changed sort function to sort_unstable_by

* fixed typo

* adjust to comment #281

ref: https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767283508

* adjust comment #281

refs:
- https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767285993
- https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767286713

* adjust comment #281

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767287831

* omitted code #281

* adjust comment #281

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767302595

* adjust comment #281

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767303168

* adjust comment

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767307535

* omitted unnecessary code #281

* adjust comment #281

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767288428

* adjust comment #281

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767286731

* adjust comment #281

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767285716

* adjust comment #281

ref:
159191ec36 (r767288428)

* adjust test result #281

* removed debug print statement in testfunction

* adjust comment #281

ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767286731

* fixed output by level  #278 #284

- fixed result counting process when rule has no aggregation condition #278

- added total output by level #284

* removed unnecessary crate

* fixed output #284

* removed unnecessary total/unique sum process #284

* add testcase and fix testcase bug

* add testcase, add check to check_cout()

* fixed count logic #278

* fixed test parameter

* add testcase

* fmt

* fixed count field check process #278

* fix testcase #281

* fixed comment typo

* removed one time used variable in test case #281

* fixed count field check process #278

* changed insert position #278

* changed contributor list

* fixed contributors list

* passed with timeframe case #278

* passed all count test #278

* removed debug print

* removed debug print

* removed debug print

* cargo fmt

* changed by-level output format #284

* reduce clone() #278 #281

* changed for loop to map #278 #281

* fixed compile error

* changed priority from output in yml to aggregation output in case an aggregation condition exists in the rule #232

* fixed testcase #232

* changed if-let to generics #278 #281

* fixed error when testing with sample_evtx #278 #281

* changed if-let to generic #278 #281

* adjust unwrap none error #278 #281

* fixed compile error and test case failed #278

Co-authored-by: ichiichi11 <takai.wa.hajime@gmail.com>
2021-12-19 20:48:29 +09:00
Yamato Security
a023ba46a6 Usage menu update (#302)
* Usage menu update

* fine-tuning of usage menu

* fixed options #302

- changed show-deprecated to enable-deprecated-rules
- changed csv-timeline to output
- change show-noisyalerts to enable-noisy-rules

* fixed option #302

- changed starttimeline to start-timeline

* fixed option #302

- changed q to quiet option

* fixed options #302

- changed endtimeline to end-timeline option
- changed threadnum to thread-number option

Co-authored-by: DustInDark <nextsasasa@gmail.com>
2021-12-19 20:03:39 +09:00
kazuminn
7a6d264be0 feature: do not load rules whose status is deprecated (#272)
* feature status deprecated exclude

* clean

* change logic and option name

* fix option description
2021-12-14 18:42:23 +09:00
kazuminn
a00a114101 refactor : rename variables and fix typo and add test (#270) 2021-12-10 23:01:47 +09:00
kazuminn
a2495b6b50 fix miss 2021-12-09 01:35:53 +09:00
kazuminn
db3616b56d add test rule files 2021-12-09 01:29:23 +09:00
kazuminn
360d80b578 clear 2021-12-09 01:15:01 +09:00
kazuminn
b9831ca38a add test for exclude rules 2021-12-09 00:57:40 +09:00
ichiichi11
191d1df9f0 add exclude files and fix bugs. 2021-12-04 19:23:50 +09:00
ichiichi11
9169214553 fix bug. 2021-12-04 19:09:41 +09:00
ichiichi11
c961c3768c change from hashmap to hashset and remove unnecessary copy. 2021-12-04 18:46:11 +09:00
kazuminn
446e540d6f merge main into feature/fill_no_use_rules 2021-12-02 00:49:54 +09:00
kazuminn
b9c415eab5 add 2021-12-02 00:43:31 +09:00
kazuminn
838a935d34 pass test 2021-12-02 00:33:19 +09:00
kazuminn
341a5e4f86 feature: filter unused rules 2021-11-30 22:54:36 +09:00
DustInDark
84f17323da Hotfix/load rule level changed info to informational #237 #238 (#240)
* changed INFO to informational #237

- INFO in rule level is changed to informational

* changed level load default rule from LOW to INFORMATIONAL #238

* fixed level description in doc and help menu #238

* removed test files

* removed test check file
2021-11-28 18:27:58 +09:00
Yamato Security
bc230f7cd5 English corrections (#236)
* English corrections

* cargo fmt

* fixed test assertion string data

Co-authored-by: DustInDark <nextsasasa@gmail.com>
2021-11-27 11:21:55 +09:00