Enable Creation of Individual Files for Translated Rules #59
Conversation
* enable specifying output-dir * add test for output creation * add test for nesting-level --------- Co-authored-by: Jan Aigner <[email protected]>
|
Hi! Thanks for the pull request! I've identified an issue while code review: It's possible that this change misses to output converted queries because there can be more queries returned by the backend than input rules, see the corresponding comment for details. Another issue I've discovered was while I tried to change to pyTest's |
|
Hi Thomas, I can´t see any comments of you in the code review part at the moment but I also realized the issue now. I added a new test While for only a single translated rule this can be handled easily, I´m wondering how this is solved best in general, because if a complete directory of rules is traversed and some of them generate more than one output, how can these outputs be mapped to the corresponding paths of the input rules? |
Hi everyone,
this PR adds two new optional parameters to the sigma-cli command
sigma convertand would close #58--output-dir(-od)--nesting-level(-nl)With
output_dirit is possible to specify a directory in which all rules from the input are stored. The difference to the existing--outputis that not all rules are written in a single file, instead within theoutput_dirthere will be one file created for each translated rule.The
nesting-levelparameter defaults to 1. With this value, when one callssigma convert rules/*with the following file hierarchy, the output_directory will contain all files on the same level. With anesting_levelof 2, the original structure with the parent directorieswindowsandlinuxwould be transferred to the output_directory.I hope the names and descriptions of the two operators are clear. I also added two test cases. In my opinion this can be helpful for some people. Please let me know what you think and feel free to make changes.