Skip to content

Commit

Permalink
parser-common: recognize events produced by SIGMA checkers
Browse files Browse the repository at this point in the history
  • Loading branch information
kdudka committed Jan 31, 2024
1 parent 941ad1a commit 01ff731
Show file tree
Hide file tree
Showing 5 changed files with 923 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/lib/parser-common.hh
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,8 @@

#define RE_EVENT_GCC "(?:(?:(?:fatal|internal|runtime) )?[A-Za-z][A-Za-z0-9_-]+)(?:\\[[^ \\]]+\\])?"
#define RE_EVENT_PROSPECTOR "(?:[A-Z]+[0-9]+\\[[a-z0-9-]+\\])"
#define RE_EVENT RE_EVENT_GCC "|" RE_EVENT_PROSPECTOR
#define RE_EVENT_SIGMA "(?:Sigma (?:main )?event)"
#define RE_EVENT RE_EVENT_GCC "|" RE_EVENT_PROSPECTOR "|" RE_EVENT_SIGMA

int parse_int(const std::string &, int fallback = 0);

Expand Down
1 change: 1 addition & 0 deletions tests/csgrep/0119-cov-parser-sigma-args.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
--mode=json
Loading

0 comments on commit 01ff731

Please sign in to comment.