fylgja/src/lang/command_patterns.js

/**
 * command_patterns.js
 * 
 * Defines pattern matching rules for natural language commands
 * Each pattern includes a regex and mapping for parameter extraction
 */

/**
 * Command patterns array
 * Each pattern object contains:
 * - name: A descriptive name for the pattern
 * - regex: A regular expression to match the command
 * - action: The action to perform (e.g., details, search)
 * - module: The module to use (e.g., sigma, alerts)
 * - params: Array of capturing group indices to extract parameters
 */
const commandPatterns = [
    // Sigma details patterns
    {
        name: 'details-sigma',
        regex: /^details\s+sigma\s+(.+)$/i,
        action: 'details',
        module: 'sigma',
        params: [1] // rule ID is in capturing group 1
    },
    // Sigma search patterns
    {
        name: 'search-sigma-complex-1',
        regex: /^search\s+sigma\s+rules?\s*(where|with)\s+(.+)$/i,
        action: 'complexSearch',
        module: 'sigma',
        params: [4] // complex query conditions in capturing group 4
    },
    // Alternate form without "rules"
    {
        name: 'search-sigma-complex-2',
        regex: /^search\s+sigma\s+(where|with)\s+(.+)$/i,
        action: 'complexSearch',
        module: 'sigma',
        params: [3] // complex query conditions in capturing group 3
    },
    // Simple keyword search pattern
    {
        name: 'search-sigma-simple',
        regex: /^search\s+sigma\s+(.+)$/i,
        action: 'search',
        module: 'sigma',
        params: [2] // keyword is in capturing group 2
    },
    // Sigma create patterns
    {
        name: 'sigma-create',
        regex: /^(create|convert)\s+sigma\s+rule\s+where\s+id=(.+)$/i,
        action: 'create',
        module: 'sigma',
        params: [2] // rule ID is in capturing group 2
    },
    
    {
        name: 'stats-sigma',
        regex: /^stats\s+sigma$/i,
        action: 'stats',
        module: 'sigma',
        params: []
    }
];

module.exports = commandPatterns;