From 777b007bb46cc2a08aaa51a23910b3cdd5a54315 Mon Sep 17 00:00:00 2001
From: fukusuket <41001169+fukusuket@users.noreply.github.com>
Date: Sat, 15 Jun 2024 08:14:01 +0900
Subject: [PATCH] feat: add support for correlation name lookup

---
 src/detections/rule/correlation_parser.rs | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/detections/rule/correlation_parser.rs b/src/detections/rule/correlation_parser.rs
index e7c5df878..e45678774 100644
--- a/src/detections/rule/correlation_parser.rs
+++ b/src/detections/rule/correlation_parser.rs
@@ -23,6 +23,11 @@ fn is_related_rule(rule_node: &RuleNode, id_or_title: &str) -> bool {
                 return true;
             }
         }
+        if let Some(title) = hash.get(&Yaml::String("name".to_string())) {
+            if title.as_str() == Some(id_or_title) {
+                return true;
+            }
+        }
     }
     false
 }