From 2edc767db80d7e83c73d3988762d8eee6bb2487f Mon Sep 17 00:00:00 2001 From: syncpark Date: Thu, 9 Jan 2025 14:29:24 +0900 Subject: [PATCH] Modify the cluster_id type `usize` to `Option` --- CHANGELOG.md | 2 ++ Cargo.toml | 2 +- src/graphql/event/http.rs | 5 ++++- src/graphql/event/log.rs | 5 ++++- src/graphql/event/network.rs | 5 ++++- src/graphql/event/sysmon.rs | 9 ++++++--- 6 files changed, 21 insertions(+), 7 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 49b598b..30fd8e0 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -39,6 +39,8 @@ Versioning](https://semver.org/spec/v2.0.0.html). - The `ip2location::DB` argument for `serve` no longer needs to be wrapped in `Arc` and `Mutex`. This change simplifies the code and improves performance by removing unnecessary locking. +- Modified the type of `cluster_id` field of the detection event structures from + `usize` to `Option`: `HttpThreat`, `ExtraThreat`, `NetworkThreat`, `WindowsThreat` ### Fixed diff --git a/Cargo.toml b/Cargo.toml index 1afea40..12495c6 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -25,7 +25,7 @@ num-traits = "0.2" reqwest = { version = "0.12", default-features = false, features = [ "rustls-tls-native-roots", ] } -review-database = { git = "https://github.com/petabi/review-database.git", rev = "35b9d80" } +review-database = { git = "https://github.com/petabi/review-database.git", rev = "f59bef0" } roxy = { git = "https://github.com/aicers/roxy.git", tag = "0.3.0" } rustls = { version = "0.23", default-features = false, features = [ "ring", diff --git a/src/graphql/event/http.rs b/src/graphql/event/http.rs index e5c323a..4a6e34e 100644 --- a/src/graphql/event/http.rs +++ b/src/graphql/event/http.rs @@ -199,7 +199,10 @@ impl HttpThreat { /// The cluster id of the event in string wthin the range representable /// by a `usize`. async fn cluster_id(&self) -> ID { - ID(self.inner.cluster_id.to_string()) + ID(self + .inner + .cluster_id + .map_or(String::new(), |id| id.to_string())) } async fn attack_kind(&self) -> &str { diff --git a/src/graphql/event/log.rs b/src/graphql/event/log.rs index 33f5bfa..8678486 100644 --- a/src/graphql/event/log.rs +++ b/src/graphql/event/log.rs @@ -45,7 +45,10 @@ impl ExtraThreat { /// The cluster id of the event in string wthin the range representable /// by a `usize`. async fn cluster_id(&self) -> ID { - ID(self.inner.cluster_id.to_string()) + ID(self + .inner + .cluster_id + .map_or(String::new(), |id| id.to_string())) } async fn attack_kind(&self) -> &str { diff --git a/src/graphql/event/network.rs b/src/graphql/event/network.rs index 287f778..c730822 100644 --- a/src/graphql/event/network.rs +++ b/src/graphql/event/network.rs @@ -109,7 +109,10 @@ impl NetworkThreat { /// The cluster ID of the event in string within the representable /// range of `usize`. async fn cluster_id(&self) -> ID { - ID(self.inner.cluster_id.to_string()) + ID(self + .inner + .cluster_id + .map_or(String::new(), |id| id.to_string())) } async fn attack_kind(&self) -> &str { diff --git a/src/graphql/event/sysmon.rs b/src/graphql/event/sysmon.rs index ba6de92..f9dab36 100644 --- a/src/graphql/event/sysmon.rs +++ b/src/graphql/event/sysmon.rs @@ -1,4 +1,4 @@ -use async_graphql::Object; +use async_graphql::{Object, ID}; use chrono::{DateTime, Utc}; use review_database as database; @@ -64,8 +64,11 @@ impl WindowsThreat { &self.inner.matched_to } - async fn cluster_id(&self) -> usize { - self.inner.cluster_id + async fn cluster_id(&self) -> ID { + ID(self + .inner + .cluster_id + .map_or(String::new(), |id| id.to_string())) } async fn attack_kind(&self) -> &str {