Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

不要な表示の削除 #39

Closed
hitenkoku opened this issue Aug 5, 2021 · 1 comment · Fixed by #40
Closed

不要な表示の削除 #39

hitenkoku opened this issue Aug 5, 2021 · 1 comment · Fixed by #40
Assignees
@hitenkoku

Comments

@hitenkoku
Copy link
Collaborator

hitenkoku commented Aug 5, 2021
edited
Loading

以下のような一部不要と思われる出力が見られるので原因を特定し、対象個所を削除する。

date:"2017-08-30 19:16:04.320779 UTC - 2017-08-30 19:16:06.877417 UTC" record-id: "660532 - 661160"

テスト対象データは https://github.com/sans-blue-team/DeepBlueCLI/tree/master/evtx を利用している
@hitenkoku hitenkoku self-assigned this Aug 5, 2021
@hitenkoku
Copy link
Collaborator Author

確認をしたところ、 https://github.com/Yamato-Security/RustyBlue/blob/main/src/detections/common.rs#L21 の関数が呼び出されていることによってこの事象が発生していることを確認した。

他関数では各自で出力の対応をしているためこちらの出力を削除することで
問題の記載が削除され、出力結果が変更なしであった場合は問題なしと判断する

hitenkoku added a commit that referenced this issue Aug 5, 2021
@hitenkoku
erase duplicated output function #39
e677f37
@hitenkoku hitenkoku mentioned this issue Aug 5, 2021
Merged
hitenkoku added a commit that referenced this issue Aug 10, 2021
@hitenkoku
erase duplicated output function #39 (#40)
9dc3e17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hitenkoku hitenkoku

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

erase duplicated output function #39 Yamato-Security/RustyBlue
1 participant
@hitenkoku