fix: add supported extension jsonl
fukusuket committed Dec 16, 2024
1 parent 8e56e37 commit 0a3107a
Showing 2 changed files with 4 additions and 1 deletion.
1 change: 1 addition & 0 deletions src/detections/configs.rs
Expand Up @@ -2323,6 +2323,7 @@ pub fn get_target_extensions(arg: Option<&Vec<String>>, json_input_flag: bool) -
let mut target_file_extensions: HashSet<String> = convert_option_vecs_to_hs(arg);
if json_input_flag {
target_file_extensions.insert(String::from("json"));
target_file_extensions.insert(String::from("jsonl"));
} else {
target_file_extensions.insert(String::from("evtx"));
}
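Review bot: The list of JSON input extensions is now spelled out twice, in the `json_input_flag` branch here and in the dispatch condition in src/main.rs, so the two can drift apart. Judging by this commit, a `.jsonl` file accepted here but not matched in main.rs would presumably have been sent to the non-JSON branch. Consider one shared definition that both sites consult, for example a new constant along the lines of `pub const JSON_EXTENSIONS: [&str; 2] = ["json", "jsonl"];` (the name is only a proposal). If that is not adopted, a comment such as `// Keep in sync with the JSON dispatch in App (src/main.rs).` above the two inserts would help. get_target_extensions starts and ends outside this hunk.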
4 changes: 3 additions & 1 deletion src/main.rs
Expand Up @@ -1875,7 +1875,9 @@ impl App {
}

let (detection_tmp, cnt_tmp, tl_tmp, recover_cnt_tmp, mut detect_infos) =
if evtx_file.extension().unwrap() == "json" {
if evtx_file.extension().unwrap() == "json"
|| evtx_file.extension().unwrap() == "jsonl"
{
self.analysis_json_file(
(evtx_file, time_filter, target_event_ids, stored_static),
detection,
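Review bot: `evtx_file.extension().unwrap()` is now evaluated twice in the new condition and still panics on a path with no extension. That would abort the whole run on one oddly named input file, unless an earlier filter guarantees an extension (not visible in this hunk). A single non-panicking check placed before the `let (...) =` reads more clearly: `let is_json = matches!(evtx_file.extension().and_then(|e| e.to_str()), Some("json" | "jsonl"));` followed by `if is_json {`. The comparison is also case-sensitive, so a `.JSONL` file would presumably take the other branch; worth confirming that is intended. The enclosing method of `impl App` starts and ends outside the hunk.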