Sha256: 5a48f75b4cdab79ece9579de94bc6c27267d1fd9d492c73d5576f057056bd6e0

Contents?: true

Size: 1.57 KB

Versions: 1

Compression:

Stored size: 1.57 KB

Contents

# frozen_string_literal: true

module Mihari
  module Commands
    #
    # Thor mixin providing the `search` command: load a rule, optionally
    # confirm overwriting the stored copy, persist it, then run its analyzer.
    #
    module Searcher
      include Mixins::Database
      include Mixins::ErrorNotification

      #
      # Inclusion hook; defines the `search` command on the including class.
      #
      # @param thor the class that includes this module
      #
      def self.included(thor)
        thor.class_eval do
          desc "search [PATH]", "Search by a rule"
          method_option :yes, type: :boolean, aliases: "-y", desc: "yes to overwrite the rule in the database"
          #
          # Run a rule and print the resulting alert (if any) as pretty JSON.
          #
          # @param path_or_id rule locator handed to Structs::Rule.from_path_or_id
          #
          def search(path_or_id)
            rule = Structs::Rule.from_path_or_id(path_or_id)

            # An invalid rule stops the command before anything touches the database.
            # NOTE(review): nothing is reported here and the method returns normally;
            # presumably validate! surfaces the errors itself - confirm, since a rule
            # that silently never runs is easy to miss in unattended use.
            begin
              rule.validate!
            rescue RuleValidationError
              return
            end

            # --yes / -y skips the comparison and the prompt below, so the stored
            # rule is replaced without any interactive confirmation.
            unless options["yes"]
              with_db_connection do
                stored = Mihari::Rule.find(rule.id)
                # Identical data: nothing would change, so no need to ask.
                next if stored.data == rule.data.deep_stringify_keys

                prompt = "This operation will overwrite the rule in the database (Rule ID: #{rule.id}). Are you sure you want to update the rule? (y/n)"
                # Declining aborts the whole command, not just this block.
                return unless yes?(prompt)
              rescue ActiveRecord::RecordNotFound
                # No stored rule with this ID, so there is nothing to overwrite.
                next
              end
            end

            # Persist the rule model.
            # NOTE(review): the result of save is discarded, so a failed save would
            # not stop the analyzer from running. This call also sits outside
            # with_db_connection - confirm a connection is available here.
            rule.model.save

            with_error_notification do
              created = rule.analyzer.run
              if created
                puts JSON.pretty_generate(Mihari::Entities::Alert.represent(created).as_json)
              else
                Mihari.logger.info "There is no new alert created in the database"
              end
            end
          end
        end
      end
    end
  end
end

Version data entries

1 entries across 1 versions & 1 rubygems

Version Path
mihari-5.0.0 lib/mihari/commands/searcher.rb