| -rw-r--r-- | model/comm_model.go | 177 | ||||
| -rw-r--r-- | model/comm_model_test.go (renamed from model/comm_mongo_test.go) | 26 | ||||
| -rw-r--r-- | model/comm_mongo.go | 159 | ||||
| -rw-r--r-- | model/json_marshal_test.go | 2 | ||||
| -rw-r--r-- | model/mongo_conn.go | 47 | ||||
| -rw-r--r-- | model/mongo_fn.go | 84 | ||||
| -rw-r--r-- | model/rule_model.go | 192 | ||||
| -rw-r--r-- | model/rule_model_test.go | 11 | ||||
| -rw-r--r-- | static/rules/commrules.json | 2 | ||||
| -rw-r--r-- | static/rules/pathrules.json | 2 | ||||
| -rw-r--r-- | static/rules/rules.json | 2 |
11 files changed, 483 insertions, 221 deletions
diff --git a/model/comm_model.go b/model/comm_model.go index 6d9ea60..f16f667 100644 --- a/model/comm_model.go +++ b/model/comm_model.go @@ -1,7 +1,7 @@ /* * @Author: your name * @Date: 2021-01-06 09:56:18 - * @LastEditTime: 2021-01-10 09:45:28 + * @LastEditTime: 2021-01-12 16:49:24 * @LastEditors: Please set LastEditors * @Description: In User Settings Edit * @FilePath: /commdetection/model/comm_model.go @@ -10,9 +10,14 @@ package model import ( + "commdetection/logger" + "fmt" "reflect" "sort" "time" + + "go.mongodb.org/mongo-driver/bson" + "go.mongodb.org/mongo-driver/mongo" ) // Command contains command and its flags or symbols @@ -37,7 +42,7 @@ func (c Commands) Swap(i, j int) { } func (c Commands) Less(i, j int) bool { - return c[j].TimeStamp.After(c[i].TimeStamp) + return c[i].TimeStamp.Before(c[j].TimeStamp) } // Has returns whether c has the command 
@@ -50,3 +55,171 @@ func (c Commands) Has(command Command) bool { } return true } + +// GetCommandsFrom gets all the commands in the mongodb collections +func (c *Commands) GetCommandsFrom(dbName string, cName string) error { + return mongoOpsWithoutIndex(getCommandsFromFn, opParams{ + dbName: dbName, + cName: cName, + commands: c, + }) +} + +func getCommandsFromFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + cur, err := collection.Find(sc, bson.D{}) + defer cur.Close(sc) + if err != nil { + return err + } + for cur.Next(sc) { + var next Command + err := cur.Decode(&next) + if err != nil { + logger.Warnln(err) + } + *params.commands = append(*params.commands, next) + } + return nil +} + +// InsertAllTo insert the given commands to the specified database and collection +func (c *Commands) InsertAllTo(dbName string, cName string) error { + return mongoOpsWithoutIndex(insertAllCommandsToFn, opParams{ + dbName: dbName, + cName: cName, + commands: c, + }) +} + +func insertAllCommandsToFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error tranfering the params") + } + collections := client.Database(params.dbName).Collection(params.cName) + var documents []interface{} + for _, command := range *params.commands { + documents = append(documents, command) + } + res, err := collections.InsertMany(sc, documents) + if err != nil { + return err + } + logger.Debugln("Insert succeeded, Ids are ", res) + return nil +} + +// InsertAnyTo inserts one command to the dbName.cName +func (c *Commands) InsertAnyTo(dbName, cName string, index uint) error { + return mongoOpsWithIndex(insertAnyCommandToFn, opParams{ + dbName: dbName, + cName: cName, + index: index, + commands: c, + }) +} + +func 
insertAnyCommandToFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collections := client.Database(params.dbName).Collection(params.cName) + res, err := collections.InsertOne(sc, (*params.commands)[int(params.index)]) + if err != nil { + return err + } + logger.Debugln("Insert succeeded, Id is ", res) + return nil +} + +// UpdateAnyTo updates the command in the mongodb +func (c *Commands) UpdateAnyTo(dbName, cName string, index uint, updateFilter interface{}) error { + return mongoOpsWithIndex(updateAnyCommandFn, opParams{ + dbName: dbName, + cName: cName, + index: index, + commands: c, + updateFilter: updateFilter, + }) +} + +func updateAnyCommandFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + command := (*params.commands)[int(params.index)] + res, err := collection.UpdateOne(sc, params.updateFilter, bson.D{{ + "$set", + command, + }}) + if err != nil { + return err + } + logger.Debugln("update succeeded, id is ", res) + return nil +} + +// DeleteOneFrom deletes one command from the dbName.cName +func (c *Commands) DeleteOneFrom(dbName, cName string, index uint) error { + return mongoOpsWithIndex(deleteOneCommandFromFn, opParams{ + dbName: dbName, + cName: cName, + index: index, + commands: c, + }) +} + +func deleteOneCommandFromFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collections := client.Database(params.dbName).Collection(params.cName) + res, err := collections.DeleteOne(sc, (*params.commands)[int(params.index)]) + if err != nil { + return err + } + logger.Debugln("Delete succeeded, Id is ", res) 
+ return nil +} + +// DeleteAllFrom deletes many commands from dbName.cName +func (c *Commands) DeleteAllFrom(dbName, cName string) error { + return mongoOpsWithoutIndex(deleteAllCommandsFromFn, opParams{ + dbName: dbName, + cName: cName, + commands: c, + }) +} + +func deleteAllCommandsFromFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error tranfering the params") + } + collections := client.Database(params.dbName).Collection(params.cName) + var deleteResults []*mongo.DeleteResult + for _, command := range *params.commands { + res, err := collections.DeleteOne(sc, command) + if err != nil { + return err + } + deleteResults = append(deleteResults, res) + } + logger.Debugln("Delete succeeded, ids are ", deleteResults) + return nil +} diff --git a/model/comm_mongo_test.go b/model/comm_model_test.go index 80413c5..b0f4e79 100644 --- a/model/comm_mongo_test.go +++ b/model/comm_model_test.go @@ -1,7 +1,7 @@ /* * @Author: EnderByEndera * @Date: 2021-01-06 15:26:48 - * @LastEditTime: 2021-01-10 16:26:32 + * @LastEditTime: 2021-01-12 16:49:55 * @LastEditors: Please set LastEditors * @Description: test mongo.go * @FilePath: /commdetection/model/mongo_test.go @@ -10,13 +10,14 @@ package model import ( - "sort" "testing" "time" + + "go.mongodb.org/mongo-driver/bson" ) func TestGetCommandsFromMongo(t *testing.T) { - commands := new(Commands) + commands := Commands{} err := commands.GetCommandsFrom("test", "commands") if err != nil { t.Error(err) @@ -24,9 +25,6 @@ func TestGetCommandsFromMongo(t *testing.T) { if commands == nil || commands.Len() == 0 { t.Error("Commands are nil commands") } - if !sort.IsSorted(commands) { - t.Error("Commands are not sorted") - } } func TestInsertCommandsToMongo(t *testing.T) { 
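Review bot: In getCommandsFromFn, `defer cur.Close(sc)` is registered before the `err` check, so a failed Find leaves `cur` nil and the deferred call dereferences it instead of the error being returned cleanly. The loop also appends `next` after a Decode failure, so zero-value or partially decoded Command entries end up in the slice that later scoring reads, and `cur.Err()` is never consulted, so an iteration that stops early looks like a complete result. The sketch below moves the defer, skips undecodable documents (returning the error instead would also be reasonable) and returns the cursor error. UpdateAnyTo, further down in this hunk, forwards `updateFilter` to UpdateOne as an untyped `interface{}`; its doc comment should state that the filter is built by the calling code and never decoded from external input.

```go
func getCommandsFromFn(sc mongo.SessionContext) error {
	// … unchanged: params lookup and collection handle …
	cur, err := collection.Find(sc, bson.D{})
	if err != nil {
		return err
	}
	defer cur.Close(sc)
	for cur.Next(sc) {
		var next Command
		if err := cur.Decode(&next); err != nil {
			logger.Warnln(err)
			continue
		}
		*params.commands = append(*params.commands, next)
	}
	return cur.Err()
}
```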
@@ -68,6 +66,22 @@ func TestInsertCommandsToMongo(t *testing.T) { }) } +func TestUpdateCommandsToMongo(t *testing.T) { + commands := Commands{ + { + CommName: "vim", + Args: []string{}, + Flags: []string{}, + TimeStamp: time.Now(), + User: "root", + }, + } + err := commands.UpdateAnyTo("test", "commands", 0, bson.D{{"commname", "wget"}}) + if err != nil { + t.Error(err) + } +} + func TestDeleteCommandsFromMongo(t *testing.T) { t.Run("Test DeleteOne func", func(t *testing.T) { commands := Commands{ diff --git a/model/comm_mongo.go b/model/comm_mongo.go deleted file mode 100644 index 4e0227a..0000000 --- a/model/comm_mongo.go +++ /dev/null 
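Review bot: TestUpdateCommandsToMongo asserts only that `UpdateAnyTo` returns nil, and UpdateOne reports no error when the filter matches nothing, so the test passes against an empty collection without exercising the update at all. It also depends on a live MongoDB and on whatever earlier tests left in `test.commands`. Inserting a known document first and reading it back after the update would make the result meaningful; alternatively the matched count, which UpdateAnyTo currently only logs, could be surfaced and asserted on.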
@@ -1,159 +0,0 @@ -/* - * @Author: EnderByEndera - * @Date: 2021-01-09 16:46:53 - * @LastEditTime: 2021-01-10 16:31:17 - * @LastEditors: Please set LastEditors - * @Description: comm_mongo.go tries to get connection with mongodb lib - * @FilePath: /commdetection/model/command_mongo.go - */ - -package model - -import ( - "commdetection/logger" - "context" - "fmt" - "sort" - - "go.mongodb.org/mongo-driver/bson" - "go.mongodb.org/mongo-driver/mongo" - "go.mongodb.org/mongo-driver/mongo/options" -) - -// GetCommandsFrom gets all the commands in the mongodb collections -func (c *Commands) GetCommandsFrom(dbName string, cName string) error { - ctx, cancel := context.WithTimeout(context.Background(), timeout) - defer cancel() - client, err := connect(ctx) - if err != nil { - return err - } - defer closeClient(ctx, client) - return client.UseSession(ctx, func(sc mongo.SessionContext) error { - client := sc.Client() - collection := client.Database(dbName).Collection(cName) - cur, err := collection.Find(ctx, bson.D{}) - defer cur.Close(ctx) - if err != nil { - return err - } - for cur.Next(ctx) { - var next Command - err := cur.Decode(&next) - if err != nil { - logger.Warnln(err) - } - *c = append(*c, next) - } - return nil - }) -} - -// InsertAllTo insert the given commands to the specified database and collection -func (c *Commands) InsertAllTo(dbName string, cName string) error { - ctx, cancel := context.WithTimeout(context.Background(), timeout) - defer cancel() - client, err := connect(ctx) - if err != nil { - return err - } - if !sort.IsSorted(c) { - sort.Sort(c) - } - defer closeClient(ctx, client) - return client.UseSession(ctx, func(sc mongo.SessionContext) error { - client := sc.Client() - collections := client.Database(dbName).Collection(cName) - var documents []interface{} - for _, command := range *c { - documents = append(documents, command) - } - res, err := collections.InsertMany(sc, documents, options.InsertMany().SetOrdered(true)) - if err != nil { - 
sc.AbortTransaction(ctx) - return err - } - sc.CommitTransaction(ctx) - logger.Debugln("Insert succeeded, Ids are ", res) - return nil - }) -} - -// InsertAnyTo inserts one command to the dbName.cName -func (c *Commands) InsertAnyTo(dbName, cName string, index uint) error { - if index >= uint(c.Len()) { - return fmt.Errorf("Index %d out of range", index) - } - ctx, cancel := context.WithTimeout(context.Background(), timeout) - defer cancel() - client, err := connect(ctx) - if err != nil { - return err - } - defer closeClient(ctx, client) - return client.UseSession(ctx, func(sc mongo.SessionContext) error { - client := sc.Client() - collections := client.Database(dbName).Collection(cName) - res, err := collections.InsertOne(sc, (*c)[index]) - if err != nil { - sc.AbortTransaction(sc) - return err - } - sc.CommitTransaction(sc) - logger.Debugln("Insert succeeded, Id is ", res) - return nil - }) -} - -// DeleteOneFrom deletes one command from the dbName.cName -func (c *Commands) DeleteOneFrom(dbName, cName string, index uint) error { - if index >= uint(c.Len()) { - return fmt.Errorf("index %d out of range", index) - } - ctx, cancel := context.WithTimeout(context.Background(), timeout) - defer cancel() - client, err := connect(ctx) - if err != nil { - return err - } - defer closeClient(ctx, client) - return client.UseSession(ctx, func(sc mongo.SessionContext) error { - client := sc.Client() - collections := client.Database(dbName).Collection(cName) - res, err := collections.DeleteOne(sc, (*c)[index]) - if err != nil { - sc.AbortTransaction(ctx) - return err - } - sc.CommitTransaction(ctx) - logger.Debugln("Delete succeeded, Id is ", res) - return nil - }) -} - -// DeleteAllFrom deletes many commands from dbName.cName -func (c *Commands) DeleteAllFrom(dbName, cName string) error { - ctx, cancel := context.WithTimeout(context.Background(), timeout) - defer cancel() - client, err := connect(ctx) - if err != nil { - return err - } - defer closeClient(ctx, client) - return 
client.UseSession(ctx, func(sc mongo.SessionContext) error { - client := sc.Client() - collections := client.Database(dbName).Collection(cName) - var deleteResults []*mongo.DeleteResult - for _, command := range *c { - res, err := collections.DeleteOne(ctx, command) - if err != nil { - sc.AbortTransaction(ctx) - return err - } - deleteResults = append(deleteResults, res) - } - sc.CommitTransaction(ctx) - logger.Debugln("Delete succeeded, ids are ", deleteResults) - return nil - }) -} diff --git a/model/json_marshal_test.go b/model/json_marshal_test.go index 0bd8266..410ca0d 100644 --- a/model/json_marshal_test.go +++ b/model/json_marshal_test.go @@ -1,7 +1,7 @@ /* * @Author: EnderByEndera * @Date: 2020-12-16 14:31:00 - * @LastEditTime: 2021-01-04 18:45:21 + * @LastEditTime: 2021-01-11 10:26:26 * @LastEditors: Please set LastEditors * @Description: Test marshalling.go * @FilePath: /commdetection/rules/marshalling_test.go diff --git a/model/mongo_conn.go b/model/mongo_conn.go deleted file mode 100644 index 1b9db06..0000000 --- a/model/mongo_conn.go +++ /dev/null 
@@ -1,47 +0,0 @@ -/* - * @Author: EnderByEndera - * @Date: 2021-01-06 11:12:49 - * @LastEditTime: 2021-01-10 15:33:10 - * @LastEditors: Please set LastEditors - * @Description: In User Settings Edit - * @FilePath: /commdetection/model/db.go - */ - -package model - -import ( - "commdetection/logger" - "commdetection/yaml" - "context" - "fmt" - "time" - - "go.mongodb.org/mongo-driver/mongo" - "go.mongodb.org/mongo-driver/mongo/options" -) - -var ( - dbset yaml.MongoSet - timeout time.Duration -) - -func init() { - dbset = yaml.GetMongoSetting() - var err error - timeout, err = time.ParseDuration(dbset.Timeout) - if err != nil { - logger.Warnln(err) - } -} - -func closeClient(ctx context.Context, client *mongo.Client) { - err := client.Disconnect(ctx) - if err != nil { - logger.Warnln(err) - } -} - -func connect(ctx context.Context) (*mongo.Client, error) { - return mongo.Connect(ctx, options.Client(). - ApplyURI(fmt.Sprintf("mongodb://%s:%d", dbset.Host, dbset.Port))) -} diff --git a/model/mongo_fn.go b/model/mongo_fn.go new file mode 100644 index 0000000..48ac39d --- /dev/null +++ b/model/mongo_fn.go 
@@ -0,0 +1,84 @@ +/* + * @Author: EnderByEndera + * @Date: 2021-01-06 11:12:49 + * @LastEditTime: 2021-01-11 17:32:29 + * @LastEditors: Please set LastEditors + * @Description: In User Settings Edit + * @FilePath: /commdetection/model/db.go + */ + +package model + +import ( + "commdetection/logger" + "commdetection/yaml" + "context" + "fmt" + "time" + + "go.mongodb.org/mongo-driver/mongo" + "go.mongodb.org/mongo-driver/mongo/options" +) + +var ( + dbset yaml.MongoSet + timeout time.Duration +) + +func init() { + dbset = yaml.GetMongoSetting() + var err error + timeout, err = time.ParseDuration(dbset.Timeout) + if err != nil { + logger.Warnln(err) + } +} + +func closeClient(ctx context.Context, client *mongo.Client) { + err := client.Disconnect(ctx) + if err != nil { + logger.Warnln(err) + } +} + +func connect(ctx context.Context) (*mongo.Client, error) { + return mongo.Connect(ctx, options.Client(). + ApplyURI(fmt.Sprintf("mongodb://%s:%d", dbset.Host, dbset.Port))) +} + +type key string + +type opParams struct { + dbName, cName string + index uint + commands *Commands + css *CommScores + updateFilter interface{} +} + +func mongoOpsWithIndex(fn func(mongo.SessionContext) error, parameters opParams) error { + if parameters.index >= uint(parameters.commands.Len()) { + return fmt.Errorf("index %d out of range", parameters.index) + } + ctx, cancel := context.WithTimeout(context.Background(), timeout) + defer cancel() + ctx = context.WithValue(ctx, key("params"), parameters) + client, err := connect(ctx) + if err != nil { + return err + } + defer closeClient(ctx, client) + return client.UseSession(ctx, fn) +} + +func mongoOpsWithoutIndex(fn func(mongo.SessionContext) error, parameters opParams) error { + ctx, cancel := context.WithTimeout(context.Background(), timeout) + defer cancel() + ctx = context.WithValue(ctx, key("params"), parameters) + client, err := connect(ctx) + if err != nil { + return err + } + defer closeClient(ctx, client) + return client.UseSession(ctx, 
fn) +} diff --git a/model/rule_model.go b/model/rule_model.go index d530d22..92cc77d 100644 --- a/model/rule_model.go +++ b/model/rule_model.go @@ -1,7 +1,7 @@ /* * @Author: EnderByEndera * @Date: 2021-01-04 16:30:53 - * @LastEditTime: 2021-01-04 18:38:56 + * @LastEditTime: 2021-01-12 11:53:39 * @LastEditors: Please set LastEditors * @Description: This is the model file used for rules pack * @FilePath: /commdetection/model/rule_model.go @@ -9,6 +9,14 @@ package model +import ( + "commdetection/logger" + "fmt" + + "go.mongodb.org/mongo-driver/bson" + "go.mongodb.org/mongo-driver/mongo" +) + // Rule defines a rule's func and its name type Rule struct { Name string `json:"name"` @@ -23,8 +31,23 @@ type Evaluation func(CommScore) CommScore // CommScore includes command name and its score type CommScore struct { - Command Command `json:"command"` - Score float64 `json:"score"` + Command Command `json:"command" bson:"command"` + Score float64 `json:"score" bson:"score"` +} + +// CommScores is the multiple type of CommScore +type CommScores []CommScore + +func (css CommScores) Len() int { + return len(css) +} + +func (css CommScores) Swap(i, j int) { + css[i], css[j] = css[j], css[i] +} + +func (css CommScores) Less(i, j int) bool { + return css[i].Command.TimeStamp.Before(css[j].Command.TimeStamp) } // SPath includes sensitive path dir and its sensitive coefficient 
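Review bot: mongoOpsWithIndex bounds-checks `parameters.commands.Len()`, but the CommScores callers added in rule_model.go (InsertAnyTo, UpdateAnyTo, DeleteOneFrom) fill only `css`, so `commands` is nil there and the call dereferences a nil `*Commands` (a panic, assuming Len has a value receiver like the visible Swap and Less). Even without the panic the index would be checked against the wrong slice, leaving `(*params.css)[int(params.index)]` unguarded. The check should use whichever slice is set, as sketched below. Separately, init only logs a `time.ParseDuration` failure, which leaves `timeout` at 0 so `context.WithTimeout` hands every operation an already-expired context. Also, connect builds the URI from host and port alone, so from what is visible here no credentials or TLS are applied to a store holding recorded commands, which is worth confirming.

```go
func mongoOpsWithIndex(fn func(mongo.SessionContext) error, parameters opParams) error {
	var n int
	switch {
	case parameters.commands != nil:
		n = parameters.commands.Len()
	case parameters.css != nil:
		n = parameters.css.Len()
	default:
		return fmt.Errorf("no commands or command scores supplied")
	}
	if parameters.index >= uint(n) {
		return fmt.Errorf("index %d out of range", parameters.index)
	}
	// … unchanged: context setup, connect, deferred closeClient, UseSession …
}
```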
@@ -51,3 +74,166 @@ type Ussites struct { Websites []string `json:"websites"` Coefficient float64 `json:"coefficient"` } + +// GetCommScoresFrom gets command scores from dbName.cName collection +func (css *CommScores) GetCommScoresFrom(dbName, cName string) error { + return mongoOpsWithoutIndex(getCommScoreFromFn, opParams{ + dbName: dbName, + cName: cName, + css: css, + }) +} + +func getCommScoreFromFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + cur, err := collection.Find(sc, bson.D{}) + if err != nil { + return err + } + for cur.Next(sc) { + var next CommScore + err := cur.Decode(&next) + if err != nil { + return err + } + *params.css = append(*params.css, next) + } + return nil +} + +// InsertAllTo insert command scores to the dbName.cName collection +func (css *CommScores) InsertAllTo(dbName, cName string) error { + return mongoOpsWithoutIndex(insertAllCommScoreToFn, opParams{ + dbName: dbName, + cName: cName, + css: css, + }) +} + +func insertAllCommScoreToFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + documents := []interface{}{} + for _, cs := range *params.css { + documents = append(documents, cs) + } + res, err := collection.InsertMany(sc, documents) + if err != nil { + return err + } + logger.Debugln("insert succeeded, ids are ", res) + return nil +} + +// InsertAnyTo inserts one command score to the mongodb database +func (css *CommScores) InsertAnyTo(dbName, cName string, index uint) error { + return mongoOpsWithIndex(insertAnyCommScoreToFn, opParams{ + dbName: dbName, + cName: cName, + index: index, + css: css, + }) +} + +func 
insertAnyCommScoreToFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + res, err := collection.InsertOne(sc, (*params.css)[int(params.index)]) + if err != nil { + return err + } + logger.Debugln("insert succeeded, id is ", res) + return nil +} + +// UpdateAnyTo updates the command score in the mongodb +func (css *CommScores) UpdateAnyTo(dbName, cName string, index uint, updateFilter interface{}) error { + return mongoOpsWithIndex(updateAnyCommScoreToFn, opParams{ + dbName: dbName, + cName: cName, + css: css, + index: index, + updateFilter: updateFilter, + }) +} + +func updateAnyCommScoreToFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + res, err := collection.UpdateOne(sc, params.updateFilter, (*params.css)[int(params.index)]) + if err != nil { + return err + } + logger.Debugln("update succeeded, id is ", res) + return nil +} + +// DeleteOneFrom deletes one command score in the mongodb +func (css *CommScores) DeleteOneFrom(dbName, cName string, index uint) error { + return mongoOpsWithIndex(deleteOneCommScoreFromFn, opParams{ + dbName: dbName, + cName: cName, + index: index, + css: css, + }) +} + +func deleteOneCommScoreFromFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + res, err := collection.DeleteOne(sc, (*params.css)[int(params.index)]) + if err != nil { + return err + } + logger.Debugln("delete succeeded, id is ", res) + return nil +} + +// DeleteAllFrom deletes 
all command scores in the mongodb which are the same as css +func (css *CommScores) DeleteAllFrom(dbName, cName string) error { + return mongoOpsWithoutIndex(deleteAllCommScoresFromFn, opParams{ + dbName: dbName, + cName: cName, + css: css, + }) +} + +func deleteAllCommScoresFromFn(sc mongo.SessionContext) error { + client := sc.Client() + params, ok := sc.Value(key("params")).(opParams) + if !ok { + return fmt.Errorf("Error transfering the params") + } + collection := client.Database(params.dbName).Collection(params.cName) + deleteResults := []*mongo.DeleteResult{} + for _, cs := range *params.css { + res, err := collection.DeleteOne(sc, cs) + if err != nil { + return err + } + deleteResults = append(deleteResults, res) + } + logger.Debugln("delete succeeded, id are ", deleteResults) + return nil +} diff --git a/model/rule_model_test.go b/model/rule_model_test.go new file mode 100644 index 0000000..47271be --- /dev/null +++ b/model/rule_model_test.go @@ -0,0 +1,11 @@ +/* + * @Author: EnderByEndera + * @Date: 2021-01-11 17:45:47 + * @LastEditTime: 2021-01-11 17:46:31 + * @LastEditors: Please set LastEditors + * @Description: test the rule model connecting to mongodb + * @FilePath: /commdetection/model/rule_model_test.go + */ + +package model + diff --git a/static/rules/commrules.json b/static/rules/commrules.json index 519cba1..959b475 100644 --- a/static/rules/commrules.json +++ b/static/rules/commrules.json @@ -1 +1 @@ -[{"command":"wget","coefficient":0.8},{"command":"apt","coefficient":1}]
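Review bot: updateAnyCommScoreToFn passes the CommScore value itself as the update document, whereas updateAnyCommandFn in comm_model.go wraps it in `$set`; UpdateOne expects an operator document, so the driver should reject this call. The third argument should read `bson.D{{"$set", (*params.css)[int(params.index)]}}`. In the same hunk getCommScoreFromFn never closes its cursor and ignores `cur.Err()`; adding `defer cur.Close(sc)` after the Find error check and ending with `return cur.Err()` would cover both. The new rule_model_test.go contains only the package clause, so none of these CommScores paths is exercised.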
\ No newline at end of file +[{"command":"sudo","coefficient":0.1},{"command":"wget","coefficient":0.8},{"command":"apt","coefficient":0.2}]
\ No newline at end of file diff --git a/static/rules/pathrules.json b/static/rules/pathrules.json index a73d2f0..4f8c9f0 100644 --- a/static/rules/pathrules.json +++ b/static/rules/pathrules.json @@ -1 +1 @@ -[{"Path":"/root/go/src/commdetection","Coefficient":0.7}]
\ No newline at end of file +[{"Path":"/root/go/src/commdetection","Coefficient":0.5}]
\ No newline at end of file diff --git a/static/rules/rules.json b/static/rules/rules.json index 3a3c234..3339112 100644 --- a/static/rules/rules.json +++ b/static/rules/rules.json @@ -1 +1 @@ -[{"name":"RuleA","rulefunc":"EvaluateCommandRule"}]
\ No newline at end of file +[{"name":"pathrule","rulefunc":"EvaluatePathRule"}]
\ No newline at end of file |
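Review bot: The new rules.json lists only `EvaluatePathRule`, so no entry references `EvaluateCommandRule` any more; if this file is the rule set loaded at runtime rather than output rewritten by the tests, command-name scoring silently drops out of evaluation in a commit that is otherwise a storage refactor. The coefficient edits in commrules.json and pathrules.json raise the same question. If these files are test artefacts, they would be better kept as fixtures outside `static/rules`, so a test run cannot change the shipped detection rules.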
