From b84d05846905a1a7768d18a07fecc944cda18f60 Mon Sep 17 00:00:00 2001 From: Eric Leblond Date: Wed, 13 Nov 2024 14:49:54 +0100 Subject: [PATCH] suricatals: output type of rules as a hint --- suricatals/tests_rules.py | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/suricatals/tests_rules.py b/suricatals/tests_rules.py index 1708180..34cb9f7 100644 --- a/suricatals/tests_rules.py +++ b/suricatals/tests_rules.py @@ -595,6 +595,11 @@ def parse_engine_analysis_v2(self, json_path): except JSONDecodeError: pass signature_msg = {'content': signature_info['raw']} + if 'type' in signature_info: + if 'info' not in signature_msg: + signature_msg['info'] = [] + type_msg = f'Rule type is "{signature_info["type"]}"' + signature_msg['info'].append(type_msg) if 'id' in signature_info: signature_msg['sid'] = signature_info['id'] if 'flags' in signature_info: