add os and category labels to details and conversion slack blocks

src/services/sigma/sigma_details_service.js

@@ -25,15 +25,15 @@ async function getSigmaRuleDetails(ruleId) {
       message: 'Missing rule ID'
     };
   }
-  
+
   logger.info(`${FILE_NAME}: Running diagnostics for rule: ${ruleId}`);
   logger.info(`${FILE_NAME}: Explaining rule ${ruleId}`);
-  
+
   try {
     // Run diagnostics on the rule content first
     const diagnosticResult = await debugRuleContent(ruleId);
     logger.debug(`${FILE_NAME}: Diagnostic result: ${JSON.stringify(diagnosticResult || {})}`);
-    
+
     // Convert the rule ID to a structured object
     const conversionResult = await convertSigmaRule(ruleId);
     if (!conversionResult.success) {
@@ -43,9 +43,9 @@ async function getSigmaRuleDetails(ruleId) {
         message: conversionResult.message || `Failed to parse rule with ID ${ruleId}`
       };
     }
-    
+
     const rule = conversionResult.rule;
-    
+
     // Extra safety check
     if (!rule) {
       logger.error(`${FILE_NAME}: Converted rule is null for ID ${ruleId}`);
@@ -54,7 +54,7 @@ async function getSigmaRuleDetails(ruleId) {
         message: `Failed to process rule with ID ${ruleId}`
       };
     }
-    
+
     // Create a simplified explanation with safe access to properties
     const explanation = {
       id: rule.id || ruleId,
@@ -62,27 +62,28 @@ async function getSigmaRuleDetails(ruleId) {
       description: rule.description || 'No description provided',
       author: rule.author || 'Unknown author',
       severity: rule.level || 'Unknown',
+      logsource: rule.logsource || {}, // Add this line to include logsource info
       detectionExplanation: extractDetectionCondition(rule),
       falsePositives: Array.isArray(rule.falsepositives) ? rule.falsepositives :
-                     typeof rule.falsepositives === 'string' ? [rule.falsepositives] :
-                     ['None specified'],
+        typeof rule.falsepositives === 'string' ? [rule.falsepositives] :
+          ['None specified'],
       tags: Array.isArray(rule.tags) ? rule.tags : [],
       references: Array.isArray(rule.references) ? rule.references : []
     };
-    
+
     logger.info(`${FILE_NAME}: Successfully explained rule ${ruleId}`);
     logger.debug(`${FILE_NAME}: Explanation properties: ${Object.keys(explanation).join(', ')}`);
-    
-    return { 
-      success: true, 
-      explanation 
+
+    return {
+      success: true,
+      explanation
     };
   } catch (error) {
     logger.error(`${FILE_NAME}: Error explaining rule: ${error.message}`);
     logger.debug(`${FILE_NAME}: Error stack: ${error.stack}`);
-    return { 
-      success: false, 
-      message: `Error explaining rule: ${error.message}` 
+    return {
+      success: false,
+      message: `Error explaining rule: ${error.message}`
     };
   }
 }
@@ -102,13 +103,13 @@ async function getSigmaRuleYaml(ruleId) {
       message: 'Missing rule ID'
     };
   }
-  
+
   logger.info(`${FILE_NAME}: Getting YAML content for rule: ${ruleId}`);
-  
+
   try {
     // Get YAML content from database
     const yamlResult = await getRuleYamlContent(ruleId);
-    
+
     if (!yamlResult.success) {
       logger.warn(`${FILE_NAME}: Failed to retrieve YAML for rule ${ruleId}: ${yamlResult.message}`);
       return {
@@ -116,7 +117,7 @@ async function getSigmaRuleYaml(ruleId) {
         message: yamlResult.message || `Failed to retrieve YAML for rule with ID ${ruleId}`
       };
     }
-    
+
     // Add extra safety check for content
     if (!yamlResult.content) {
       logger.warn(`${FILE_NAME}: YAML content is empty for rule ${ruleId}`);
@@ -126,9 +127,9 @@ async function getSigmaRuleYaml(ruleId) {
         warning: 'YAML content is empty for this rule'
       };
     }
-    
+
     logger.debug(`${FILE_NAME}: Successfully retrieved YAML content with length: ${yamlResult.content.length}`);
-    
+
     // Return the YAML content
     return {
       success: true,