search

Yamato-Security / hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
GNU Affero General Public License v3.0
2.26k stars 200 forks source link

Organize options grouping #918

Closed YamatoSecurity closed 1 year ago

YamatoSecurity commented 1 year ago
  1. The grouping of options differs accoring to command so would like to organize that as well. (In order of importance, not by alphabet) Also would like to 1) Rename Options to General Options and 2) remove Advanced and put -r, --rules and --target-file-ext options in General Options

csv-timeline now:

Usage
Options
Output
Input
Advanced
Filtering
Time Format
Display Settings

After:

Usage
Input
Output
General Options
Filtering
Time Format
Display Settings

json-timeline now:

Usage
Options
Input
Advanced
Output
Filtering
Time Format
Display Settings

After (same as csv-timeline):

Usage
Input
Output
General Options
Filtering
Time Format
Display Settings

pivot-keywords-list now (also get rid of Advanced and add --target-file-ext to General Options):

Usage
Options
Input
Advanced
Output
Filtering

After:

Usage
Input
Output
General Options
Filtering

metrics and logon-summary now (also get rid of Advanced and add --target-file-ext to General Options):

Usage
Options
Input
Advanced
Output

After:

Usage
Input
Output
General Options

update-rules Now:

Usage
Options
Advanced

After:

Usage
General Options
  1. When typing hayabusa.exe help csv-timeline, --no-color and -q, --quiet show up but they do not show up when typing hayabusa.exe csv-timeline or hayabusa.exe json-timeline. I would like --no-color and -q, --quiet to show when help is not used as well. Also want to put --no-color, -q, --quiet and -v, --verbose in Display Settings instead of General Options.
hitenkoku commented 1 year ago

. /hayabusa.exe csv-timeline, it will do so because it only handles subcommands belonging to csv-timeline. It should be included in each subcommand, not treated as common. It is redundant as source code, but we will handle it that way.

When typing hayabusa.exe help csv-timeline, --no-color and -q, --quiet show up but they do not show up when typing hayabusa.exe csv-timeline or hayabusa.exe json-timeline. I would like --no-color and -q, --quiet to show when help is not used as well. Also want to put --no-color, -q, --quiet and -v, --verbose in Display Settings instead of General Options.

hitenkoku commented 1 year ago

I was able to change Options to General Options.

However, it seems difficult to reorganize help_heading. I am checking with Clap's Discussion to be sure.

https://github.com/clap-rs/clap/discussions/4703

The grouping of options differs accoring to command so would like to organize that as well. (In order of importance, not by alphabet) Also would like to 1) Rename Options to General Options and 2) remove Advanced and put -r, --rules and --target-file-ext options in General Options