rules: update to new rule parser

jasonish · May 9, 2024 · f6e3ad5 · f6e3ad5
1 parent 086d4ef
commit f6e3ad5
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 8 deletions.
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -57,7 +57,7 @@ serde = { version = "1.0.196", features = ["derive"] }
 serde_json = "1.0.112"
 serde_yaml = "0.9.30"
 
-suricatax-rule-parser = { git = "https://github.com/jasonish/rust-suricatax-rule-parser" }
+suricatax-rule-parser = { git = "https://github.com/jasonish/suricatax-rule-parser-rs" }
 time = { version = "0.3.31", features = ["formatting", "local-offset", "macros", "parsing"] }
 tracing = "0.1.40"
 tracing-subscriber = { version = "0.3.18", features = ["std", "fmt", "env-filter", "time"] }

diff --git a/src/rules.rs b/src/rules.rs
@@ -129,11 +129,12 @@ fn parse_line(line: &str) -> Option<(u64, String)> {
     }
 
     let original = &line[offset..];
-    match suricatax_rule_parser::parse_elements(original) {
-        Ok((_, elements)) => {
-            for element in &elements {
-                if let suricatax_rule_parser::Element::Sid(sid) = element {
-                    return Some((*sid, original.to_string()));
+
+    match suricatax_rule_parser::parse_rule(original) {
+        Ok(rule) => {
+            for option in &rule.options {
+                if let suricatax_rule_parser::Parsed::Sid(sid) = option.parsed {
+                    return Some((sid, original.to_string()));
                 }
             }
         }