dbba49b815
* fixed countup structure #278
* fixed countup structure and count up field logic #278
* fixed tests #278
* added no output aggregation detect message when output exist in rule yaml #232
* moved get_agg_condtion to rulenode function #278
* added field_values to output count fields data #232 #278
- fixed count logic #278
- fixed count test to adjust field_values add
- added count test
* fixed count output format #232
* fixed compile error
* fixed count output #232
- moved output check to create_count_output
- fixed yaml condition reference
- adjust top and tail multi space
* added create count output test #232
* removed count by file #278
- commented by @YamatoSecurity
* changed sort function to sort_unstable_by
* fixed typo
* adjust to comment #281
ref: https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767283508
* adjust comment #281
refs
-
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767285993
-
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767286713
* adjust coment #281
ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767287831
* omitted code #281
* adjust comment #281
ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767302595
* adjust comment #281
ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767303168
* adjust comment
ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767307535
* omitted unnecessary code #281
* adjust comment #281
ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767288428
* adjust commnet #281
ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767286731
* adjust comment #281
ref:
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767285716
* adjust comment #281
ref:
159191ec36 (r767288428)
* adjust test result #281
* removed debug print statement in testfunction
* adjust comment #281
ref
https://github.com/Yamato-Security/hayabusa/pull/281#discussion_r767286731
* fixed output by level #278 #284
- fixed result counting process when rule has no aggregation condition #278
- added total output by level #284
* removed unnecessary crate
* fixed output #284
* removed unnecessary total/unique sum process #284
* add testcase and fix testcase bug
* add testcase, add check to check_cout()
* fixed count logic #278
* fixed test parameter
* add testcase
* fmt
* fixed count field check process #278
* fix testcase #281
* fixed comment typo
* removed one time used variable in test case #281
* fixed count field check process #278
* changed insert position #278
* changed contributor list
* fixed contributors list`
* passed with timeframe case #278
* passed all count test #278
* removed debug print
* removed debug print
* removed debug print
* cargo fmt
* changed by0level output format #284
* reduce clone() #278 #281
* changed for loop to map #278 #281
* fixed compile error
* changed priority from output in yml to aggregation output case aggregation condition exist in rule. #232
* fixed testcase #232
* changed if-let to generics #278 #281
* fixed error when test to sample_evtx#278 #281
* changed if-let to generic #278 #281
* adjust unwrap none error #278 #281
* fixed compile error and test case failed #278
Co-authored-by: ichiichi11 <takai.wa.hajime@gmail.com>
