lotte/fylgja
0
Code Issues 5 Pull requests Projects Releases Packages Wiki Activity Actions

fixed emoji pagation issue

Browse source
This commit is contained in:
Charlotte Croce 2025-04-19 14:15:12 -04:00
parent ad6b108d3f
commit 977dd7e6d3
4 changed files with 71 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

1
.gitignore vendored
View file

@ -6,3 +6,4 @@ fylgja.yml
slack.yml slack.yml
sigma.db sigma.db
sigma-repo/ sigma-repo/
.VSCodeCounter

15
src/blocks/sigma/sigma_search_results_block.js
View file

@ -8,6 +8,7 @@
const logger = require('../../utils/logger'); const logger = require('../../utils/logger');
const { getFileName } = require('../../utils/file_utils'); const { getFileName } = require('../../utils/file_utils');
const { getProductEmoji } = require('../../utils/os_emojis');
const FILE_NAME = getFileName(__filename); const FILE_NAME = getFileName(__filename);
/** /**
@ -78,18 +79,8 @@ const getSearchResultBlocks = (keyword, results, pagination = {}) => {
const ruleId = safeRule.id || 'unknown'; const ruleId = safeRule.id || 'unknown';
logger.debug(`${FILE_NAME}: Adding result #${index + 1}: ${ruleId} - ${safeRule.title || 'Untitled'}`); logger.debug(`${FILE_NAME}: Adding result #${index + 1}: ${ruleId} - ${safeRule.title || 'Untitled'}`);
// Get OS emoji based on product // Get product emoji
const getOsEmoji = (product) => { const osEmoji = getProductEmoji(safeRule.logsource && safeRule.logsource.product);
if (!product) return '';
const productLower = product.toLowerCase();
if (productLower.includes('windows')) return ':window: ';
if (productLower.includes('mac') || productLower.includes('apple')) return ':apple: ';
if (productLower.includes('linux')) return ':penguin: ';
return '';
};
const osEmoji = getOsEmoji(safeRule.logsource && safeRule.logsource.product);
// Rule information and action button - with OS emoji before title and no ID field // Rule information and action button - with OS emoji before title and no ID field
blocks.push({ blocks.push({

4
src/handlers/sigma/actions/sigma_view_actions.js
View file

@ -6,7 +6,7 @@
const logger = require('../../../utils/logger'); const logger = require('../../../utils/logger');
const { handleError } = require('../../../utils/error_handler'); const { handleError } = require('../../../utils/error_handler');
const { getSigmaRuleYaml } = require('../../../services/sigma/sigma_details_service'); const { getSigmaRuleYaml } = require('../../../services/sigma/sigma_details_service');
const { searchSigmaRules } = require('../../../services/sigma/sigma_search_service'); const { searchSigmaRules, searchAndConvertRules } = require('../../../services/sigma/sigma_search_service');
const { getYamlViewBlocks } = require('../../../blocks/sigma/sigma_view_yaml_block'); const { getYamlViewBlocks } = require('../../../blocks/sigma/sigma_view_yaml_block');
const { getSearchResultBlocks } = require('../../../blocks/sigma/sigma_search_results_block'); const { getSearchResultBlocks } = require('../../../blocks/sigma/sigma_search_results_block');
const { processRuleDetails } = require('./sigma_action_core'); const { processRuleDetails } = require('./sigma_action_core');
@ -62,7 +62,7 @@ const handlePaginationAction = async (body, ack, respond) => {
logger.info(`${FILE_NAME}: Processing pagination request for "${keyword}" (page ${page}, size ${pageSize})`); logger.info(`${FILE_NAME}: Processing pagination request for "${keyword}" (page ${page}, size ${pageSize})`);
// Perform the search with the new pagination parameters // Perform the search with the new pagination parameters
const searchResult = await searchSigmaRules(keyword, page, pageSize); const searchResult = await searchAndConvertRules(keyword, page, pageSize);
if (!searchResult.success) { if (!searchResult.success) {
logger.error(`${FILE_NAME}: Search failed during pagination: ${searchResult.message}`); logger.error(`${FILE_NAME}: Search failed during pagination: ${searchResult.message}`);

65
src/utils/os_emojis.js Normal file
View file

@ -0,0 +1,65 @@
/**
* os_emojis.js
*
* Provides emoji mappings for different products/platforms in Sigma rules
*/
/**
* Get the appropriate emoji for a product
* @param {string} product - The product/platform name
* @returns {string} - The corresponding emoji string
*/
const getProductEmoji = (product) => {
if (!product) return '';
const productLower = product.toLowerCase();
// Mapping of products to their respective emojis
const emojiMap = {
'aws': ':cloud:',
'azure': ':cloud:',
'bitbucket': ':bucket:',
'cisco': ':satellite_antenna:',
'django': ':snake:',
'dns': ':globe_with_meridians:',
'fortios': ':shield:',
'gcp': ':cloud:',
'github': ':octocat:',
'huawei': ':satellite_antenna:',
'juniper': ':satellite_antenna:',
'jvm': ':coffee:',
'kubernetes': ':wheel_of_dharma:',
'linux': ':penguin:',
'm365': ':envelope:',
'macos': ':apple:',
'modsecurity': ':shield:',
'nodejs': ':green_heart:',
'okta': ':key:',
'onelogin': ':key:',
'opencanary': ':bird:',
'paloalto': ':shield:',
'python': ':snake:',
'qualys': ':mag:',
'rpc_firewall': ':fire_extinguisher:',
'ruby_on_rails': ':gem:',
'spring': ':leaves:',
'sql': ':floppy_disk:',
'velocity': ':zap:',
'windows': ':window:',
'zeek': ':eyes:'
};
// Check if the product is directly in our map
for (const [key, emoji] of Object.entries(emojiMap)) {
if (productLower.includes(key)) {
return emoji + ' ';
}
}
// Default emoji for unknown products
return ':computer: ';
};
module.exports = {
getProductEmoji
};