add CLI details functionality

2025-04-19 12:55:56 -04:00 · 2025-04-19 12:55:56 -04:00 · fd394fff36
commit fd394fff36
parent 657a33a189
3 changed files with 9 additions and 18 deletions
--- a/src/fylgja-cli.js
+++ b/src/fylgja-cli.js
@ -428,13 +428,13 @@ Fylgja CLI Help
 Basic Sigma Commands:
 - search sigma <keyword> - Search for Sigma rules by keyword
 - details sigma <rule_id> - Get details about a specific Sigma rule
- sigma stats - Get statistics about Sigma rules database
+- stats sigma - Get statistics about Sigma rules database

 Advanced Sigma Search Commands:
- search sigma rules where title contains "ransomware" - Search by title
- search sigma rules where tags include privilege_escalation - Search by tags
- search sigma rules where logsource.category == "process_creation" - Search by log source
- search sigma rules where modified after 2024-01-01 - Search by modification date
+- search sigma where title contains "ransomware" - Search by title
+- search sigma where tags include privilege_escalation - Search by tags
+- search sigma where logsource.category == "process_creation" - Search by log source
+- search sigma where modified after 2024-01-01 - Search by modification date


 - exit or quit - Exit the CLI
--- a/src/handlers/sigma/sigma_details_handler.js
+++ b/src/handlers/sigma/sigma_details_handler.js
@ -8,7 +8,6 @@ const logger = require('../../utils/logger');
 const { handleError } = require('../../utils/error_handler');
 const { getSigmaRuleDetails, getSigmaRuleYaml } = require('../../services/sigma/sigma_details_service');
 const { getSigmaRuleDetailsBlocks } = require('../../blocks/sigma/sigma_details_block');
-const { formatSigmaDetails } = require('../../utils/cli_formatters');

 const { getFileName } = require('../../utils/file_utils');
 const FILE_NAME = getFileName(__filename);
@ -77,8 +76,8 @@ const handleCommand = async (command, respond) => {
    
    // Return the response with both blocks for Slack and responseData for CLI
    await respond({
-      blocks: blocks, // For Slack
-      responseData: sigmaRuleDetailsResult.explanation, // For CLI
+      blocks: blocks, // For Slack interface
+      responseData: sigmaRuleDetailsResult.explanation, // For CLI interface
      response_type: 'in_channel'
    });
  } catch (error) {
--- a/src/lang/command_patterns.js
+++ b/src/lang/command_patterns.js
@ -17,20 +17,12 @@
 const commandPatterns = [
    // Sigma details patterns
    {
-        name: 'sigma-details-direct',
-        regex: /^(explain|get|show|display|details|info|about)\s+(rule|detection)\s+(from\s+)?sigma\s+(where\s+)?(id=|id\s+is\s+|with\s+id\s+)(.+)$/i,
-        action: 'details',
-        module: 'sigma',
-        params: [6] // rule ID is in capturing group 6
-    },
-    {
-        name: 'sigma-details-simple',
-        regex: /^(details|explain)\s+(.+)$/i,
+        name: 'sigma-details',
+        regex: /^sigma\s+(details|info|about)\s+(.+)$/i,
        action: 'details',
        module: 'sigma',
        params: [2] // rule ID is in capturing group 2
    },
-    
    // Sigma search patterns
    {
        name: 'sigma-search',