feat(main): no asking about deprecated and unsupported excluded when …
…All alert or event selected #1206
hitenkoku committed Nov 23, 2023
1 parent 65886a8 commit e65e1d4
Showing 1 changed file with 36 additions and 34 deletions.
70 changes: 36 additions & 34 deletions src/main.rs
Expand Up @@ -1194,22 +1194,42 @@ impl App {
exclude_tags.push("detection.threat_hunting".into());
}
}

Check warning on line 1196 in src/main.rs


Codecov / codecov/patch

src/main.rs#L1184-L1196

Added lines #L1184 - L1196 were not covered by tests
}
if let Some(dep_cnt) = exclude_noisy_cnt.get("deprecated") {
// deprecated rules load prompt
let prompt_fmt = format!("Include deprecated rules? ({} rules)", dep_cnt);
let dep_rules_load_flag = Confirm::with_theme(&ColorfulTheme::default())
.with_prompt(prompt_fmt)
.default(false)
.show_default(true)
.interact()
.unwrap();
if dep_rules_load_flag {
stored_static
.output_option
.as_mut()
.unwrap()
.enable_deprecated_rules = true;
} else {
// If "4. All alert rules" or "5. All event and alert rules" was selected, ask questions about deprecated and unsupported rules.
if let Some(dep_cnt) = exclude_noisy_cnt.get("deprecated") {

Check warning on line 1199 in src/main.rs


Codecov / codecov/patch

src/main.rs#L1199

Added line #L1199 was not covered by tests
// deprecated rules load prompt
let prompt_fmt = format!("Include deprecated rules? ({} rules)", dep_cnt);
let dep_rules_load_flag = Confirm::with_theme(&ColorfulTheme::default())
.with_prompt(prompt_fmt)
.default(false)
.show_default(true)
.interact()
.unwrap();
if dep_rules_load_flag {
stored_static
.output_option
.as_mut()
.unwrap()
.enable_deprecated_rules = true;
}
}
if let Some(unsup_cnt) = exclude_noisy_cnt.get("unsupported") {

Check warning on line 1216 in src/main.rs


Codecov / codecov/patch

src/main.rs#L1201-L1216

Added lines #L1201 - L1216 were not covered by tests
// unsupported rules load prompt
let prompt_fmt = format!("Include unsupported rules? ({} rules)", unsup_cnt);
let unsupported_rules_load_flag =
Confirm::with_theme(&ColorfulTheme::default())
.with_prompt(prompt_fmt)
.default(false)
.show_default(true)
.interact()
.unwrap();
if unsupported_rules_load_flag {
stored_static
.output_option
.as_mut()
.unwrap()
.enable_unsupported_rules = true;
}
}

Check warning on line 1233 in src/main.rs


Codecov / codecov/patch

src/main.rs#L1218-L1233

Added lines #L1218 - L1233 were not covered by tests
}

Expand All @@ -1231,24 +1251,6 @@ impl App {
}
}

if let Some(unsup_cnt) = exclude_noisy_cnt.get("unsupported") {
// unsupported rules load prompt
let prompt_fmt = format!("Include unsupported rules? ({} rules)", unsup_cnt);
let unsupported_rules_load_flag = Confirm::with_theme(&ColorfulTheme::default())
.with_prompt(prompt_fmt)
.default(false)
.show_default(true)
.interact()
.unwrap();
if unsupported_rules_load_flag {
stored_static
.output_option
.as_mut()
.unwrap()
.enable_unsupported_rules = true;
}
}

if let Some(sysmon_cnt) = tags_cnt.get("sysmon") {
let prompt_fmt = format!("Include sysmon rules? ({} rules)", sysmon_cnt);
let sysmon_rules_load_flag = Confirm::with_theme(&ColorfulTheme::default())
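Review bot: Both prompts moved into the new `else` branch of the first hunk still end in `.interact().unwrap()`, so a prompt that cannot be shown (dialoguer returns an error when the terminal is not interactive) panics the wizard instead of falling back to the `default(false)` answer. The Codecov annotations on this section also mark the whole branch as not covered by tests. The deprecated and unsupported blocks differ only in the label, the count and the flag they set, so one helper would remove the duplication and give a single place to handle the error. The sketch below treats a failed prompt as "no", which matches the prompt's stated default; whether to abort the run instead is a project decision, since excluding rules changes what the scan can detect. The enclosing `impl App` method starts and ends outside the hunk.

```rust
/// Asks whether an excluded rule category should be loaded. A prompt that
/// cannot be shown counts as "no", matching `default(false)`.
fn confirm_rule_load(category: &str, rule_cnt: impl std::fmt::Display) -> bool {
    Confirm::with_theme(&ColorfulTheme::default())
        .with_prompt(format!("Include {} rules? ({} rules)", category, rule_cnt))
        .default(false)
        .show_default(true)
        .interact()
        .unwrap_or(false)
}

// … unchanged: opening of the `else` branch and its comment …
if let Some(dep_cnt) = exclude_noisy_cnt.get("deprecated") {
    if confirm_rule_load("deprecated", dep_cnt) {
        // … unchanged: set enable_deprecated_rules = true …
    }
}
if let Some(unsup_cnt) = exclude_noisy_cnt.get("unsupported") {
    if confirm_rule_load("unsupported", unsup_cnt) {
        // … unchanged: set enable_unsupported_rules = true …
    }
}
```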
