Sha256: 9e3168f7237ccab6b05a143950c4aaaf4038bf18d4bd61d0d8f964ed4a33ebc6
Contents?: true
Size: 1.76 KB
Versions: 10
Compression:
Stored size: 1.76 KB
Contents
# frozen_string_literal: true module Mihari module Commands module Search include Mixins::Database include Mixins::Rule include Mixins::ErrorNotification def self.included(thor) thor.class_eval do desc "search [RULE]", "Search by a rule" method_option :yes, type: :boolean, aliases: "-y", desc: "yes to overwrite the rule in the database" def search_by_rule(path_or_id) rule = load_rule(path_or_id) # validate begin validate_rule! rule rescue RuleValidationError => e raise e end # check update id = rule.id yes = options["yes"] || false unless yes with_db_connection do rule_ = Mihari::Rule.find(id) next if rule.yaml == rule_.yaml return unless yes?("This operation will overwrite the rule in the database (Rule ID: #{id}). Are you sure you want to update the rule? (yes/no)") rescue ActiveRecord::RecordNotFound next end end analyzer = rule.to_analyzer with_error_notification do alert = analyzer.run if alert data = Mihari::Entities::Alert.represent(alert) puts JSON.pretty_generate(data.as_json) else Mihari.logger.info "There is no new artifact" end # record a rule with_db_connection do model = rule.to_model model.save rescue ActiveRecord::RecordNotUnique nil end end end end end end end end
Version data entries
10 entries across 10 versions & 1 rubygems