Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Debugging for /lookup command #229

Open
IlluminatiFish opened this issue Mar 26, 2024 · 1 comment
Open

Debugging for /lookup command #229

IlluminatiFish opened this issue Mar 26, 2024 · 1 comment
Assignees
@jonathan-d-zhang
Labels
enhancement New feature or request

Comments

@IlluminatiFish
Copy link
Member

The /lookup command should have a debug argument so that rule developers and maintainers can access matches in an non-intrusive way.

Ideally the lookup command in debug mode will return a list of files that were matched against the highest weighted rules.

For example:

+==============+==============+==========================+
|     File     | Matched Rule |      Match Metadata      |
+==============+==============+==========================+
| Activate.ps1 | some_rule_1  | line {lineno} - {string} |
+--------------+--------------+--------------------------+
| __init__.py  | some_rule_2  | line {lineno} - {string} |
+--------------+--------------+--------------------------+

Files that match some_rule_1 which has a weight of 10 will appear above files that match some_rule_2 that have a weight of 8
@jonathan-d-zhang
Copy link
Contributor

This will need to wait for match information to be tracked in both mainframe and the clients.

@IlluminatiFish IlluminatiFish added the enhancement New feature or request label May 15, 2024
@jonathan-d-zhang jonathan-d-zhang moved this to 📋 Backlog in Dragonfly Roadmap Aug 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@jonathan-d-zhang jonathan-d-zhang

Labels
enhancement New feature or request
Projects
Dragonfly Roadmap
Status: 📋 Backlog
Milestone
No milestone
Development

No branches or pull requests
2 participants
@IlluminatiFish @jonathan-d-zhang