CSEC_PUBLIC/hayabusa
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
305 Commits 6 Branches 18 Tags
4bb445d4f58515a5bf9e6cce991107c624c3992c
Commit Graph

58 Commits

Author SHA1 Message Date
itiB
4bb445d4f5 Add: time filter 2021-12-07 00:50:00 +09:00
itiB
cc7697a319 Merge branch 'main' into feature/start_finish_time 2021-12-06 23:07:08 +09:00
DustInDark
8b9dac961a added progress bar #199 (#247) 2021-12-03 10:12:31 +09:00
James Takai / hach1yon
2febaa9b73 add target event filtering. (#242) 2021-11-28 19:02:27 +09:00
DustInDark
84f17323da Hotfix/load rule level changed info to informational#237#238 (#240) 
* changed INFO to informational #237

- INFO in rule level is changed  to informational

* changed level load default rule from LOW to INFORMATIONAL #238

* fixed level description in doc and help menu #238

* removed test files

* removed test check file
 2021-11-28 18:27:58 +09:00
Yamato Security
bc230f7cd5 英語修正 (#236) 
* 英語修正

* cargo fmt

* fixed test assertion string data

Co-authored-by: DustInDark <nextsasasa@gmail.com>
 2021-11-27 11:21:55 +09:00
DustInDark
b48f774b93 Feature/output unique detection#209 (#225) 
* checked contributors #141

- because RustyBlue code contributor(not hayabusa contributor) was mixed in hayabusa contributor

* changed yaml count name

* changed ruletype string #157

* fixed output of parse error #157

* fixed output

* added level unique detection output #209
 2021-11-24 21:15:43 +09:00
itiB
b2692ef983 Add: input function for start/end option 2021-11-24 00:09:41 +09:00
itiB
034f9c0957 Add: sigma rules (#175) 2021-11-22 08:45:44 +09:00
DustInDark
b53342218c Feature/output logo#206 (#222) 
* add output logo #206

* added newline and orgnization name #206

* add output rule count #200

* Changed yml summarize the totals for each folder hierarchy. #157

* added analyzing evtx file count output #157

* added loaded rule count output #157

* added quiet option #206
 2021-11-21 15:16:44 +09:00
DustInDark
86321a4502 Feature/output read rule directory#201 (#221) 
* fixed filepath evtx extension #162

* added rules option to config usage #201

* fixed filepath evtx extension rule #162

* added rules directory read feature #201

* added test case #201

* fixed usage set #201

* removed all check rule #201

* fixed rule read function data #201
 2021-11-20 14:01:50 +09:00
DustInDark
199a8231c1 v1.0でリリースしない機能の削除、contributorsの表示、levelオプションのデフォルト値修正 #141 #211 (#218) 
* changed default level to Low #211

* fixed usage #211

* erased Lang option #195

* changed output credit to contributors #141

* Removed contributor information for uncreated features and features that will not be introduced in v1.0. #141

* removed slack notification feature #202

- removed config option
- removed artifact slack notification call

* removed description of slack notification #202

* fixed default level to Low #211

* removed description about slack notification #202
 2021-11-20 09:56:59 +09:00
DustInDark
e2ac686c3f Feature/verbose output rule and file#188 (#219) 
* added verbose output rule and evtx path #188

* fixed typo

* changed yaml read error to warn message #188

- added AlertMessage::warn
- yaml read error changed from error to warn
 2021-11-20 09:10:17 +09:00
James
22c8302c4c change from stdout to stderr. (#190) 2021-11-12 13:21:14 +09:00
DustInDark
66b8f2de9e Feature/risk level condition#45 (#186) 
* add risk level filter arguments #45

* fix default level in help #45

* add test yaml files #45

* refactoring and fix level argument usage.

* cargo fmt --all

Co-authored-by: ichiichi11 <takai.wa.hajime@gmail.com>
 2021-11-11 23:47:29 +09:00
DustInDark
be04a0410e Hotfix/hidden file read159 (#180) 
* added error output of no evtx extension in  filepath and directory args #159

* fixed error of  hidden file read #159

- file extension is limited to yml  when load of rule

* fix for no extension rule file.

Co-authored-by: ichiichi11 <takai.wa.hajime@gmail.com>
 2021-11-10 22:55:20 +09:00
DustInDark
b278f12cec Feature/output elapsedtime153 (#172) 
* add output process count of detects events #151

* add output process count of detects event when output stdio #151

* add format enter

* add output elapsed time #153

* fixed output position #153
 2021-11-10 19:38:04 +09:00
James
1bdf6943ff update (#171) 2021-11-09 00:50:15 +09:00
James
c97cf7373a change from lagotto to hayabusa. (#170) 2021-11-09 00:32:24 +09:00
James
4a1e46e47e Feature/#140 document (#144) 
* update

* fix regexes and whitelist

* underconstructing

* fix

* update

* add pic

* update

* update

* update

* fix
 2021-10-22 00:43:40 +09:00
garigariganzy
76103d31f3 Feature/event stats#105 (#137) 
Event集計機能実装

Co-authored-by: HajimeTakai <takai.wa.hajime@gmail.com>
 2021-09-20 23:53:45 +09:00
James
a469e6e60b #102実装しました。 (#133) 2021-09-09 10:37:33 +09:00
James
9b8bed70f8 Feature/timeline template #104 (#106) 
* under constructing

* add statistics template

* fix

* add comment

* change for statistics
 2021-05-16 01:34:48 +09:00
Alan Smithee
a68a59417d Feature/add eventfilepath to csv #76 (#89) 
* Feature/call error message struct#66 (#69)

* change  way to use write trait #66

* change call error message struct #66

* erase finished TODO #66

* erase comment in error message format test #66

* resolve conflict #66

* Feature/call error message struct#66 (#71)

* change ERROR writeln struct #66

* add evtx file path export to csv #76

* fixed test case #76

* fix for #76

* forget cargo fmt -all

* fix testcase

Co-authored-by: ichiichi11 <takai.wa.hajime@gmail.com>
 2021-05-01 09:49:48 +09:00
nishikawaakira
7b0357b120 Feature/changeSingleton#53,#65 (#67) 
* change from singleton to global variable

* issue #65

* #65 test mode implemented

* cargo fmt --all
 2021-03-19 04:46:52 +09:00
akiranishikawa
a87058743e cargo fmt 2020-12-13 17:28:00 +09:00
nishikawaakira
83cf1e398c Merge branch 'main' into feature/emit_csv2 2020-12-13 08:18:29 +00:00
nishikawaakira
ca68005d90 Merge pull request #49 from YamatoSecurity/feature/main_refactor 
refactor
 2020-12-10 20:28:11 +00:00
kazuminn
cec683408e refactor 2020-12-07 17:45:05 +09:00
kazuminn
b9189f8e31 refactor 2020-12-06 22:28:00 +09:00
ichiichi11
b6c89c754b implement directory option 2020-12-05 23:30:09 +09:00
itiB
7d43885d05 feat: emit DateTime with selected timezone 
@fox
 2020-12-05 02:47:19 +09:00
akiranishikawa
cd8948de4c merge emit_csv 2020-11-30 08:38:01 +09:00
akiranishikawa
43cfd814a5 message print 2020-11-29 10:16:08 +09:00
itiB
90bf79f85b rm: after_fact()'s return val(Error) 2020-11-29 02:04:28 +09:00
kazuminn
acd226edc6 refactor 2020-11-25 21:42:30 +09:00
kazuminn
7933b20271 add credits template 2020-11-25 21:37:34 +09:00
itiB
eadf576065 Add: afterfact.rs for emit csv file 2020-11-19 01:21:03 +09:00
itiB
3933d839ab rm: enum Lang & configs::singleton() call 2020-11-06 14:46:34 +09:00
itiB
28d5731ef0 Update: store toml rules in config.rs - Singleton 2020-11-05 19:40:04 +09:00
itiB
e8c0ec44f8 rm: unnecessary MessageText struct 2020-11-05 04:21:52 +09:00
itiB
96e379cc52 solve threads... 2020-11-05 04:21:51 +09:00
itiB
1d8a9c19d2 Update: read messages from rules/**.toml 2020-11-05 04:21:50 +09:00
itiB
c53b4b6f46 feat: switch lang from args 2020-11-05 04:21:50 +09:00
itiB
8e84535e7b WIP: collect args to singleton 2020-11-05 04:21:50 +09:00
daichi
369c7c1e55 add test 2020-10-26 22:28:39 +09:00
daichi
46aa50a597 fmt 2020-10-25 23:51:59 +09:00
daichi
c03ca73f6c fix 2020-10-25 23:50:49 +09:00
daichi
f0131f8c5f fmt 2020-10-25 16:44:51 +09:00
akiranishikawa
03be1dad34 cargo fmt --all 2020-10-10 11:14:39 +09:00