Structure representing an Event scanning engine.
Its role is to scan any structure implementing the Event trait
against all the Rules loaded into the engine.
Structure representing the result of an Event scanned by the
Engine. It aggregates information about the rules matching a
given event as well as some metadata about it (tags, attack ids …).
A severity score (the sum of the severities of all matching rules, bounded to MAX_SEVERITY) is also part of a ScanResult.
Some Rules matching an Event might be filter rules. In this
case only the filtered flag is updated.
Structure holding string templates to replace in rules. The templating
mechanism allows a complex regex to be defined once and used in multiple
places in rules, making rule maintenance easier.