add simple script

2024-11-06 09:25:17 +00:00 · 2021-09-18 15:51:05 +02:00 · 2021-09-18 15:51:05 +02:00 · 5081c210b7
commit 5081c210b7
parent 31021b9c32
2 changed files with 61 additions and 0 deletions
--- a/tools/sigma/sigma_configurations_check.py
+++ b/tools/sigma/sigma_configurations_check.py
@ -0,0 +1,56 @@
+#!/usr/bin/env python3
+# A simple Sigma Configurations checker
+# Copyright frack113
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU Lesser General Public License for more details.
+
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+import sigma.backends.discovery as backends
+import ruamel.yaml
+from pathlib import Path
+
+def main():
+    list_backend =[]
+    for backend in sorted(backends.getBackendList(), key=lambda backend: backend.identifier):
+        list_backend.append(backend.identifier)
+
+    print(f"Valid backend name are {list_backend}")
+    print('result tab:')
+    print('|Name file|Backend|check')
+    print('|---|---|---')
+
+    valid = 0
+    empty = 0
+    faulty = 0
+    yml_files =Path('config/').glob("*.yml")
+    for yml in yml_files:
+       with yml.open("r",encoding="UTF-8") as f:
+           data = ruamel.yaml.load(f,Loader=ruamel.yaml.RoundTripLoader)
+           if 'backends' in data:
+               for backend in data['backends']:
+                   if backend in list_backend:
+                       print(f"|{yml.name:45} | {backend:30} | OK ")
+                       valid += 1
+                   else:
+                       print(f"|{yml.name:45} | {backend:30} | NOK")
+                       faulty += 1
+           else:
+              msg = "no backend set"
+              print(f"|{yml.name:45} | {msg:30} | -  ")
+              empty += 1
+
+    print('Summary')
+    print(f'Valid : {valid}  Invalid : {faulty} No Backend : {empty}')
+
+if __name__ == "__main__":
+    main()
--- a/tools/sigma_configurations_check
+++ b/tools/sigma_configurations_check
@ -0,0 +1,5 @@
+#!/usr/bin/env python3
+
+from sigma.sigma_configurations_check import main
+
+main()