Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update-rules version check #1525

Merged
merged 2 commits into from
Dec 4, 2024
Merged

fix: update-rules version check #1525

merged 2 commits into from
Dec 4, 2024

Conversation

fukusuket
Copy link
Collaborator

@fukusuket fukusuket commented Dec 4, 2024
edited
Loading

What Changed

Evidence

% ./hayabusa

┏┓ ┏┳━━━┳┓  ┏┳━━━┳━━┓┏┓ ┏┳━━━┳━━━┓
┃┃ ┃┃┏━┓┃┗┓┏┛┃┏━┓┃┏┓┃┃┃ ┃┃┏━┓┃┏━┓┃
┃┗━┛┃┃ ┃┣┓┗┛┏┫┃ ┃┃┗┛┗┫┃ ┃┃┗━━┫┃ ┃┃
┃┏━┓┃┗━┛┃┗┓┏┛┃┗━┛┃┏━┓┃┃ ┃┣━━┓┃┗━┛┃
┃┃ ┃┃┏━┓┃ ┃┃ ┃┏━┓┃┗━┛┃┗━┛┃┗━┛┃┏━┓┃
┗┛ ┗┻┛ ┗┛ ┗┛ ┗┛ ┗┻━━━┻━━━┻━━━┻┛ ┗┛
   by Yamato Security

Hayabusa v3.0.0 - Dev Build
Yamato Security (https://github.com/Yamato-Security/hayabusa - @SecurityYamato)

Usage:
  hayabusa.exe <COMMAND> [OPTIONS]
  hayabusa.exe help <COMMAND> or hayabusa.exe <COMMAND> -h

Commands:
  computer-metrics     Output the total number of events according to computer names
  csv-timeline         Create a DFIR timeline and save it in CSV format
  eid-metrics          Output event ID metrics (total number and percent of events, channel, ID, event name)
  extract-base64       Extract and decode base64 strings from events
  json-timeline        Create a DFIR timeline and save it in JSON/JSONL format
  level-tuning         Tune alert levels for the DFIR timeline (default: ./rules/config/level_tuning.txt)
  list-contributors    Print the list of contributors
  list-profiles        List the output profiles for the DFIR timeline
  log-metrics          Output evtx file metadata (filename, computer names, number of events, first and last timestamps, channels, providers)
  logon-summary        Output a summary of successful and failed logons
  pivot-keywords-list  Create a list of pivot keywords
  search               Search all events by keyword(s) or regular expression
  set-default-profile  Set default output profile for the DFIR timeline
  update-rules         Update to the latest rules in the hayabusa-rules github repository
  help                 Print this message or the help of the given subcommand(s)

fukusuke@MacBookAir hayabusa-2.19.0-mac-aarch64 % ./hayabusa update-rules -q
Start time: 2024/12/04 23:14

You currently have the latest rules.

I would appreciate it if you could check it out when you have time🙏

@fukusuket fukusuket added the bug Something isn't working label Dec 4, 2024
@fukusuket fukusuket self-assigned this Dec 4, 2024
@fukusuket fukusuket marked this pull request as ready for review December 4, 2024 14:15
@fukusuket fukusuket changed the title fix: update-rules version check fix: update-rules version check Dec 4, 2024
YamatoSecurity
YamatoSecurity approved these changes Dec 4, 2024
View reviewed changes
Copy link
Collaborator

@YamatoSecurity YamatoSecurity left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@fukusuket Thanks for noticing this and fixing it! LGTM!

@YamatoSecurity YamatoSecurity merged commit 14e479a into main Dec 4, 2024
9 of 10 checks passed
@YamatoSecurity YamatoSecurity deleted the 1524-fix-update-rules-msg-in-v300 branch December 4, 2024 14:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@YamatoSecurity YamatoSecurity YamatoSecurity approved these changes

Assignees

@fukusuket fukusuket

Labels
bug Something isn't working
Projects
None yet
Milestone
3.0 3rd Year Anniversary Release
Development

Successfully merging this pull request may close these issues.

[bug] Wrong message in update-rules command in ver 3.0.0-dev
2 participants
@fukusuket @YamatoSecurity