/**
 * sigma_details_handler.js
 *
 * Handles Sigma rule details requests from both Slack commands and CLI
 * Processes requests for rule explanations
 */
const logger = require('../../utils/logger');
const { handleError } = require('../../utils/error_handler');
const { getSigmaRuleDetails, getSigmaRuleYaml } = require('../../services/sigma/sigma_details_service');
const { getSigmaRuleDetailsBlocks } = require('../../blocks/sigma/sigma_details_block');
const { getFileName } = require('../../utils/file_utils');
const FILE_NAME = getFileName(__filename);
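/**
 * Handle the sigma-details command for Sigma rules.
 *
 * Validates the command, looks up the rule through getSigmaRuleDetails and
 * answers through `respond`: raw data for CLI callers, Block Kit blocks for
 * Slack. Every failure path replies with an ephemeral message, so nothing is
 * thrown to the caller.
 *
 * @param {Object} command - The Slack command or CLI command object
 * @param {string} command.text - Rule ID typed by the user (untrusted input)
 * @param {string} [command.channel_id] - 'cli' marks a CLI request
 * @param {string} [command.channel_name] - 'cli' marks a CLI request
 * @param {Function} respond - Function to send response back to Slack or CLI
 * @returns {Promise<void>}
 */
const handleCommand = async (command, respond) => {
  try {
    // Validate before reading any property: the previous order dereferenced
    // `command` first, so a missing command skipped this usage reply and
    // surfaced as a TypeError in the generic error handler instead.
    if (!command || !command.text) {
      logger.warn(`${FILE_NAME}: Empty command received for sigma-details`);
      await respond({
        text: 'Invalid command. Usage: /sigma-details [id] or "details sigma [id]"',
        response_type: 'ephemeral'
      });
      return;
    }

    // command.text is user-supplied and is written to the log as-is.
    // NOTE(review): confirm the logger neutralises line breaks, otherwise a
    // crafted rule ID can forge log entries.
    logger.debug(`${FILE_NAME}: Processing sigma-details command: ${command.text}`);

    // Determine if request is from CLI.
    // NOTE(review): channel_name is matched too, so a Slack channel that is
    // literally named "cli" would presumably take the CLI branch - confirm
    // against how the CLI adapter builds `command`.
    const isCliRequest = command.channel_id === 'cli' || command.channel_name === 'cli';

    // Extract rule ID (whitespace-only text trims down to an empty string)
    const ruleId = command.text.trim();

    if (!ruleId) {
      logger.warn(`${FILE_NAME}: Missing rule ID in sigma-details command`);
      await respond({
        text: 'Invalid command: missing rule ID. Usage: /sigma-details [id] or "details sigma [id]"',
        response_type: 'ephemeral'
      });
      return;
    }

    // Inform user we're processing
    await respond({
      text: 'Processing your request... This may take a moment.',
      response_type: 'ephemeral'
    });

    // Get the rule explanation. ruleId is forwarded unchanged; any format or
    // length validation has to live in getSigmaRuleDetails.
    // TODO confirm the service validates it before using it in a lookup.
    const sigmaRuleDetailsResult = await getSigmaRuleDetails(ruleId);

    if (!sigmaRuleDetailsResult.success) {
      logger.warn(`${FILE_NAME}: Failed to explain rule ${ruleId}: ${sigmaRuleDetailsResult.message}`);
      // NOTE(review): the service message is relayed verbatim to the user;
      // confirm it never carries internal paths, queries or stack details.
      await respond({
        text: `Error: ${sigmaRuleDetailsResult.message}`,
        response_type: 'ephemeral'
      });
      return;
    }

    // Create response based on interface type
    if (isCliRequest) {
      // For CLI, just return the raw data
      await respond({
        responseData: sigmaRuleDetailsResult.explanation,
        response_type: 'cli'
      });
    } else {
      // For Slack, generate and return Block Kit blocks. This is the only
      // reply posted in_channel, i.e. visible to everyone in the channel.
      try {
        const blocks = getSigmaRuleDetailsBlocks(sigmaRuleDetailsResult.explanation);
        await respond({
          blocks: blocks,
          response_type: 'in_channel'
        });
      } catch (blockError) {
        await handleError(blockError, `${FILE_NAME}: Block generation`, respond, {
          responseType: 'ephemeral',
          customMessage: 'Error generating rule details view'
        });
      }
    }
  } catch (error) {
    // Last-resort handler: anything unexpected becomes an ephemeral reply.
    await handleError(error, `${FILE_NAME}: Details command handler`, respond, {
      responseType: 'ephemeral'
    });
  }
};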
// Public surface of this handler module: only the command entry point.
module.exports = { handleCommand };