print("Sigma configuration file %s is no valid YAML: %s" % (conffile, str(e)), file=sys.stderr)
except SigmaParseError as e:
print("Sigma configuration parse error in %s: %s" % (conffile, str(e)), file=sys.stderr)
try:
backend = backends.getBackend(cmdargs.target)(sigmaconfig)
except LookupError as e:
print("Backend not found!", file=sys.stderr)
sys.exit(2)
error = 0
for sigmafile in get_inputs(cmdargs.inputs, cmdargs.recurse):
print_verbose("* Processing Sigma input %s" % (sigmafile))
try:
f = sigmafile.open()
parser = SigmaParser(f, sigmaconfig)
print_debug("Parsed YAML:\n", json.dumps(parser.parsedyaml, indent=2))
parser.parse_sigma()
for condtoken in parser.condtoken:
print_debug("Condition Tokens:", condtoken)
for condparsed in parser.condparsed:
print_debug("Condition Parse Tree:", condparsed)
print(backend.generate(condparsed), file=out)
except OSError as e:
print("Failed to open Sigma file %s: %s" % (sigmafile, str(e)), file=sys.stderr)
error = 5
except yaml.parser.ParserError as e:
print("Sigma file %s is no valid YAML: %s" % (sigmafile, str(e)), file=sys.stderr)
error = 3
if not cmdargs.defer_abort:
sys.exit(error)
backend = backends.getBackend(cmdargs.target)(sigmaconfig, backend_options,
cmdargs.output)
except LookupError as e:
print("Backend not found!", file=sys.stderr)
sys.exit(2)
except IOError:
print("Failed to open output file '%s': %s" % (cmdargs.output, str(e)),
file=sys.stderr)
exit(1)
error = 0
for sigmafile in get_inputs(cmdargs.inputs, cmdargs.recurse):
print_verbose("* Processing Sigma input %s" % (sigmafile))
try:
f = sigmafile.open()
parser = SigmaParser(f, sigmaconfig)
print_debug("Parsed YAML:\n", json.dumps(parser.parsedyaml, indent=2))
for condtoken in parser.condtoken:
print_debug("Condition Tokens:", condtoken)
for condparsed in parser.condparsed:
print_debug("Condition Parse Tree:", condparsed)
backend.generate(parser)
except OSError as e:
print("Failed to open Sigma file %s: %s" % (sigmafile, str(e)),
file=sys.stderr)
error = 5
except yaml.parser.ParserError as e:
print("Sigma file %s is no valid YAML: %s" % (sigmafile, str(e)),
file=sys.stderr)
error = 3
if not cmdargs.defer_abort:
except yaml.parser.ParserError as e:
print("Sigma configuration file %s is no valid YAML: %s" % (conffile, str(e)), file=sys.stderr)
except SigmaParseError as e:
print("Sigma configuration parse error in %s: %s" % (conffile, str(e)), file=sys.stderr)
try:
backend = backends.getBackend(cmdargs.target)(sigmaconfig)
except LookupError as e:
print("Backend not found!", file=sys.stderr)
sys.exit(1)
for sigmafile in get_inputs(cmdargs.inputs, cmdargs.recurse):
print_verbose("* Processing Sigma input %s" % (sigmafile))
try:
f = sigmafile.open()
parser = SigmaParser(f)
print_debug("Parsed YAML:\n", json.dumps(parser.parsedyaml, indent=2))
parser.parse_sigma()
for condtoken in parser.condtoken:
print_debug("Condition Tokens:", condtoken)
for condparsed in parser.condparsed:
print_debug("Condition Parse Tree:", condparsed)
print(backend.generate(condparsed))
except OSError as e:
print("Failed to open Sigma file %s: %s" % (sigmafile, str(e)), file=sys.stderr)
except yaml.parser.ParserError as e:
print("Sigma file %s is no valid YAML: %s" % (sigmafile, str(e)), file=sys.stderr)
except SigmaParseError as e:
print("Sigma parse error in %s: %s" % (sigmafile, str(e)), file=sys.stderr)
except NotImplementedError as e:
print("An unsupported feature is required for this Sigma rule: " + str(e), file=sys.stderr)