From 9244ab359512e13353df514f0a1f2a2262c807bb Mon Sep 17 00:00:00 2001
From: fukusuket <41001169+fukusuket@users.noreply.github.com>
Date: Thu, 26 Dec 2024 23:31:52 +0900
Subject: [PATCH] chg: keep expand modifiers as-as
---
 sigma-to-hayabusa-converter.py | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/sigma-to-hayabusa-converter.py b/sigma-to-hayabusa-converter.py
index 4271979..5814b8c 100644
--- a/sigma-to-hayabusa-converter.py
+++ b/sigma-to-hayabusa-converter.py
@@ -510,6 +510,7 @@ def build_out_path(base_dir: str, out_dir: str, sigma_path: str, sysmon: bool) -
 new_path = new_path.replace('/rules-dfir', '/dfir')
 new_path = new_path.replace('/rules-emerging-threats', '/emerging-threats')
 new_path = new_path.replace('/rules-threat-hunting', '/threat-hunting')
+ new_path = new_path.replace('/rules-placeholder', '/placeholder')
 new_path = new_path.replace('/rules', '')
 if sysmon:
 return out_dir + '/sysmon' + new_path
@@ -610,8 +611,6 @@ def find_windows_sigma_rule_files(root: str, rule_pattern: str):
 filepath = os.path.join(dirpath, filename)
 if not any(target in dirpath for target in ["rule", "deprecated", "unsupported"]):
 continue # フォルダパスにrule/deprecated/unsupportedがつかないものは、Sigmaルールと関係ないため、除外
- if any(target in dirpath for target in ["rules-placeholder"]):
- continue # rules-placeholderはサポートしていないため、除外
 try:
 with open(filepath, encoding="utf-8") as f:
 yaml = ruamel.yaml.YAML()
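Review bot: The new `/rules-placeholder` to `/placeholder` mapping in the `new_path.replace` chain of build_out_path has no comment saying what sets that output directory apart, and the second hunk (find_windows_sigma_rule_files) deletes the only line that explained these rules were skipped as unsupported. Judging by the commit subject, rules written there keep their `expand` modifiers unexpanded, so a consumer that loads the whole output tree may presumably carry detections that cannot match until placeholder values are supplied; I would add `# placeholder rules keep their |expand modifiers as-is; values must be supplied downstream` above the new line. The placement before `.replace('/rules', '')` is load-bearing, because the generic strip would otherwise leave `-placeholder` in the path, so a second comment such as `# must run before the generic '/rules' strip below` would protect it from a later reorder. The body of build_out_path starts and ends outside this hunk, so how `new_path` is derived from `sigma_path` is not visible here.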