refactor: Share timestamp formatting option
fukusuket committed Nov 12, 2024
1 parent 9f1f19d commit a314605
Showing 16 changed files with 674 additions and 609 deletions.
277 changes: 166 additions & 111 deletions src/afterfact.rs

Large diffs are not rendered by default.

362 changes: 128 additions & 234 deletions src/detections/configs.rs

Large diffs are not rendered by default.

94 changes: 56 additions & 38 deletions src/detections/detection.rs
@@ -318,7 +318,11 @@ impl Detection {
format_time(
&time,
false,
stored_static.output_option.as_ref().unwrap(),
&stored_static
.output_option
.as_ref()
.unwrap()
.time_format_options,
)
.into(),
),
@@ -787,7 +791,11 @@ impl Detection {
format_time(
&agg_result.start_timedate,
false,
stored_static.output_option.as_ref().unwrap(),
&stored_static
.output_option
.as_ref()
.unwrap()
.time_format_options,
)
.into(),
),
@@ -1296,7 +1304,6 @@ mod tests {
use yaml_rust2::YamlLoader;

use crate::detections;
use crate::detections::configs::load_eventkey_alias;
use crate::detections::configs::Action;
use crate::detections::configs::CommonOptions;
use crate::detections::configs::Config;
@@ -1307,6 +1314,7 @@ mod tests {
use crate::detections::configs::StoredStatic;
use crate::detections::configs::CURRENT_EXE_PATH;
use crate::detections::configs::STORED_EKEY_ALIAS;
use crate::detections::configs::{load_eventkey_alias, TimeFormatOptions};
use crate::detections::detection::Detection;
use crate::detections::rule::create_rule;
use crate::detections::rule::AggResult;
@@ -1335,13 +1343,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
@@ -1592,13 +1602,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
@@ -1731,13 +1743,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
@@ -1865,13 +1879,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
@@ -2015,13 +2031,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
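Review bot: Both rewritten `format_time` call sites (the hunks at -318 and -787) repeat the chain `stored_static.output_option.as_ref().unwrap().time_format_options`, and the `unwrap()` panics if `output_option` is `None`; whether that can happen on these paths is not visible in the hunks. Binding the value once per function, e.g. `let time_opts = &stored_static.output_option.as_ref().expect("output_option must be set before formatting timestamps").time_format_options;`, removes the duplication and puts the assumed invariant into the panic message. The enclosing functions start and end outside the hunks.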
18 changes: 10 additions & 8 deletions src/detections/rule/condition_parser.rs
@@ -421,7 +421,7 @@ impl ConditionCompiler {
mod tests {
use crate::detections::configs::{
Action, CommonOptions, Config, CsvOutputOption, DetectCommonOption, InputOption,
OutputOption, StoredStatic, STORED_EKEY_ALIAS,
OutputOption, StoredStatic, TimeFormatOptions, STORED_EKEY_ALIAS,
};
use crate::detections::rule::condition_parser::ConditionCompiler;
use crate::detections::rule::create_rule;
@@ -467,13 +467,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
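Review bot: The seven-field all-false `TimeFormatOptions { … }` literal in this fixture is repeated verbatim in the test fixtures of detection.rs, count.rs, matchers.rs, rule/mod.rs, selectionnodes.rs and utils.rs, so any field added later has to be edited in every copy. If `TimeFormatOptions` implements `Default` (its definition in configs.rs is not rendered on this page), `time_format_options: TimeFormatOptions::default(),` would replace the block; otherwise a shared test helper that builds the dummy options would do. The fixture function starts and ends outside the hunk.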
18 changes: 10 additions & 8 deletions src/detections/rule/count.rs
@@ -542,7 +542,6 @@ mod tests {
use std::path::Path;

use crate::detections;
use crate::detections::configs::Action;
use crate::detections::configs::CommonOptions;
use crate::detections::configs::Config;
use crate::detections::configs::CsvOutputOption;
@@ -551,6 +550,7 @@ mod tests {
use crate::detections::configs::OutputOption;
use crate::detections::configs::StoredStatic;
use crate::detections::configs::STORED_EKEY_ALIAS;
use crate::detections::configs::{Action, TimeFormatOptions};
use crate::detections::rule::create_rule;
use crate::detections::rule::AggResult;
use crate::detections::utils;
@@ -598,13 +598,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
18 changes: 10 additions & 8 deletions src/detections/rule/matchers.rs
@@ -1044,7 +1044,7 @@ mod tests {
};
use crate::detections::configs::{
Action, CommonOptions, Config, CsvOutputOption, DetectCommonOption, InputOption,
OutputOption, StoredStatic, STORED_EKEY_ALIAS,
OutputOption, StoredStatic, TimeFormatOptions, STORED_EKEY_ALIAS,
};
use crate::detections::rule::matchers::FastMatch;
use crate::detections::rule::tests::parse_rule_from_str;
@@ -1071,13 +1071,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
20 changes: 11 additions & 9 deletions src/detections/rule/mod.rs
@@ -409,6 +409,8 @@ mod tests {

use yaml_rust2::YamlLoader;

use super::RuleNode;
use crate::detections::configs::TimeFormatOptions;
use crate::detections::{
self,
configs::{
@@ -419,8 +421,6 @@ mod tests {
utils,
};

use super::RuleNode;

fn create_dummy_stored_static() -> StoredStatic {
StoredStatic::create_static_data(Some(Config {
action: Some(Action::CsvTimeline(CsvOutputOption {
@@ -441,13 +441,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
17 changes: 10 additions & 7 deletions src/detections/rule/selectionnodes.rs
@@ -509,6 +509,7 @@ impl SelectionNode for LeafSelectionNode {
mod tests {
use std::path::Path;

use crate::detections::configs::TimeFormatOptions;
use crate::detections::{
self,
configs::{
@@ -539,13 +540,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: None,
26 changes: 14 additions & 12 deletions src/detections/utils.rs
@@ -26,7 +26,7 @@ use termcolor::{BufferWriter, ColorSpec, WriteColor};
use termcolor::{Color, ColorChoice};
use tokio::runtime::{Builder, Runtime};

use crate::detections::configs::{CURRENT_EXE_PATH, ONE_CONFIG_MAP};
use crate::detections::configs::{TimeFormatOptions, CURRENT_EXE_PATH, ONE_CONFIG_MAP};
use crate::detections::field_data_map::{convert_field_data, FieldDataMap, FieldDataMapKey};
use crate::detections::field_extract::extract_fields;
use crate::options::htmlreport;
@@ -628,7 +628,7 @@ pub fn check_rule_config(config_path: &PathBuf) -> Result<(), String> {
pub fn format_time(
time: &DateTime<Utc>,
date_only: bool,
output_option: &OutputOption,
output_option: &TimeFormatOptions,
) -> CompactString {
if !(output_option.utc || output_option.iso_8601) {
format_rfc(&time.with_timezone(&Local), date_only, output_option)
@@ -641,7 +641,7 @@ pub fn format_time(
fn format_rfc<Tz: TimeZone>(
time: &DateTime<Tz>,
date_only: bool,
time_args: &OutputOption,
time_args: &TimeFormatOptions,
) -> CompactString
where
Tz::Offset: std::fmt::Display,
@@ -820,6 +820,8 @@ mod tests {
use regex::Regex;
use serde_json::Value;

use super::{output_duration, output_profile_name};
use crate::detections::configs::TimeFormatOptions;
use crate::detections::field_data_map::FieldDataMapKey;
use crate::{
detections::{
@@ -832,8 +834,6 @@ mod tests {
options::htmlreport::HTML_REPORTER,
};

use super::{output_duration, output_profile_name};

#[test]
fn test_create_recordinfos() {
let record_json_str = r#"
@@ -1121,13 +1121,15 @@ mod tests {
end_timeline: None,
start_timeline: None,
eid_filter: false,
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
time_format_options: TimeFormatOptions {
european_time: false,
iso_8601: false,
rfc_2822: false,
rfc_3339: false,
us_military_time: false,
us_time: false,
utc: false,
},
visualize_timeline: false,
rules: Path::new("./rules").to_path_buf(),
html_report: Some(Path::new("dummy.html").to_path_buf()),
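Review bot: `format_time` still names its third parameter `output_option` although it now takes `&TimeFormatOptions`, while `format_rfc` calls the same value `time_args`; renaming both to `time_format_options` would keep the signatures consistent with the new type, and positional callers are unaffected. The visible branch in `format_time` converts to `Local` unless `utc` or `iso_8601` is set, so the default output depends on the timezone of the machine running the analysis. That deserves a doc comment such as `/// Formats in the local timezone of the machine running the tool unless utc or iso_8601 is set.`, because anyone correlating timelines produced on different hosts relies on knowing it. Both function bodies continue outside the hunks.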