Merge pull request #1219 from Yamato-Security/1206-print-count-of-rul…

…es-in-the-scan-wizard

Added print count of rules in the scan wizard

CHANGELOG-Japanese.md

@@ -1,11 +1,23 @@
 # 変更点
 
-## 2.x.x [xxxx/xx/xx]
+## 2.11.0 [2023/XX/XX] "XXX Release"
 
 **新機能:**
 
 - PowerShell classicログのフィールドを抽出するようにした。(`--no-pwsh-field-extraction`で無効化できる) (#1220) (@fukusuket)
 
+**改善:**
+
+- スキャンウィザードにルール数を追加した. (#1206) (@hitenkoku)
+
+**バグ修正:**
+
+- xxx
+
+**その他:**
+
+- xxx
+
 ## 2.10.1 [2023/11/12] "Kamemushi Release"
 
 **改善:**

CHANGELOG.md

@@ -1,11 +1,23 @@
 # Changes
 
-## 2.x.x [xxxx/xx/xx]
+## 2.11.0 [2023/XX/XX] "XX Release"
 
 **New Features:**
 
 - Extraction of fields from PowerShell classic logs. (Can disable with `--no-pwsh-field-extraction`) (#1220) (@fukusuket)
 
+**Enhancements:**
+
+- Added rule count in the scan wizard. (#1206) (@hitenkoku)
+
+**Bug Fixes:**
+
+- XXX
+
+**Other:**
+
+- XXX
+
 ## 2.10.1 [2023/11/13] "Kamemushi Release"
 
 **Enhancements:**

src/afterfact.rs

@@ -72,7 +72,7 @@ pub fn set_output_color(no_color_flag: bool) -> HashMap<CompactString, Colors> {
             return;
         }
         let empty = &"".to_string();
-        let level = CompactString::new(line.get(0).unwrap_or(empty).to_lowercase());
+        let level = CompactString::new(line.first().unwrap_or(empty).to_lowercase());
         let convert_color_result = hex::decode(line.get(1).unwrap_or(empty).trim());
         if convert_color_result.is_err() {
             AlertMessage::warn(&format!(
@@ -498,7 +498,7 @@ fn emit_csv<W: std::io::Write>(
                 let level_suffix = get_level_suffix(detect_info.level.as_str());
                 let author_list = author_list_cache
                     .entry(detect_info.rulepath.clone())
-                    .or_insert_with(|| extract_author_name(&detect_info.rulepath, stored_static))
+                    .or_insert_with(|| extract_author_name(&detect_info.rulepath))
                     .clone();
                 let author_str = author_list.iter().join(", ");
                 detect_rule_authors.insert(detect_info.rulepath.to_owned(), author_str.into());
@@ -1792,9 +1792,8 @@ fn output_detected_rule_authors(
 }
 
 /// 与えられたyaml_pathからauthorの名前を抽出して配列で返却する関数
-fn extract_author_name(yaml_path: &str, stored_static: &StoredStatic) -> Nested<String> {
-    let parser = ParseYaml::new(stored_static);
-    let contents = match parser.read_file(Path::new(&yaml_path).to_path_buf()) {
+fn extract_author_name(yaml_path: &str) -> Nested<String> {
+    let contents = match ParseYaml::read_file(Path::new(&yaml_path).to_path_buf()) {
         Ok(yaml) => Some(yaml),
         Err(e) => {
             AlertMessage::alert(&e).ok();

src/detections/configs.rs

@@ -676,7 +676,7 @@ impl StoredStatic {
                 lines
                     .iter()
                     .try_for_each(|line| -> Result<(), String> {
-                        let provider = match line.get(0) {
+                        let provider = match line.first() {
                             Some(_provider) => _provider.trim(),
                             _ => {
                                 return Result::Err(
@@ -2028,7 +2028,7 @@ pub fn load_eventkey_alias(path: &str) -> EventKeyAliasConfig {
         }
 
         let empty = &"".to_string();
-        let alias = line.get(0).unwrap_or(empty);
+        let alias = line.first().unwrap_or(empty);
         let event_key = line.get(1).unwrap_or(empty);
         if alias.is_empty() || event_key.is_empty() {
             return;
@@ -2522,7 +2522,7 @@ fn load_eventcode_info(path: &str) -> EventInfoConfig {
         }
 
         let empty = &"".to_string();
-        let channel = line.get(0).unwrap_or(empty);
+        let channel = line.first().unwrap_or(empty);
         let eventcode = line.get(1).unwrap_or(empty);
         let event_title = line.get(2).unwrap_or(empty);
         infodata = EventInfo {

src/detections/field_data_map.rs

@@ -166,7 +166,7 @@ mod tests {
     fn build_yaml(s: &str) -> Yaml {
         YamlLoader::load_from_str(s)
             .unwrap_or_default()
-            .get(0)
+            .first()
             .unwrap()
             .clone()
     }