pub enum DetectionTrace {
    AllOf {
        matched: bool,
        items: Vec<ItemTrace>,
    },
    AnyOf {
        matched: bool,
        branches: Vec<DetectionTrace>,
    },
    And {
        matched: bool,
        branches: Vec<DetectionTrace>,
    },
    Keywords {
        matched: bool,
        item: ItemTrace,
    },
    Other {
        kind: String,
        matched: bool,
    },
}
A node in the explained detection tree, mirroring CompiledDetection.
Variants
AllOf
Every item must match (a YAML mapping).
AnyOf
Any sub-detection may match (a YAML list of mappings).
And
All sub-detections must match (a mapping mixing plain and array blocks).
Keywords
Keyword detection: match a value across all event fields.
Other
An opaque detection (array object-scope or extended conditional body) whose verdict is recorded without descending per-member.
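An added example, not part of this crate's documentation or code: walking a trace to list the leaves that kept a detection from matching, using the variant semantics described above. The enum is mirrored locally so the block compiles alone; the fields of `ItemTrace` (`field`, `matched`), the helpers `verdict`, `blockers`, `item` and `sample`, and the sample trace are assumptions.

```rust
// Mirror of the enum documented above, so this added example compiles alone.
// ItemTrace is not shown on this page: its `field` and `matched` are assumed.
pub struct ItemTrace { pub field: String, pub matched: bool }
pub enum DetectionTrace {
    AllOf { matched: bool, items: Vec<ItemTrace> },
    AnyOf { matched: bool, branches: Vec<DetectionTrace> },
    And { matched: bool, branches: Vec<DetectionTrace> },
    Keywords { matched: bool, item: ItemTrace },
    Other { kind: String, matched: bool },
}
use DetectionTrace::*;

/// Verdict recorded on a node, whatever its variant.
pub fn verdict(t: &DetectionTrace) -> bool {
    match t {
        AllOf { matched, .. } | AnyOf { matched, .. } | And { matched, .. }
        | Keywords { matched, .. } | Other { matched, .. } => *matched,
    }
}

/// Appends the leaves explaining why `t` did not match; matched subtrees are skipped.
pub fn blockers(t: &DetectionTrace, path: &str, out: &mut Vec<String>) {
    if verdict(t) { return; }
    match t {
        AllOf { items, .. } => out.extend(items.iter().filter(|i| !i.matched)
            .map(|i| format!("{path}: item {}", i.field))),
        AnyOf { branches, .. } | And { branches, .. } => {
            for (n, b) in branches.iter().enumerate() { blockers(b, &format!("{path}/{n}"), out); }
        }
        Keywords { item, .. } => out.push(format!("{path}: keyword {}", item.field)),
        // Opaque node: only its verdict is recorded, so report the kind.
        Other { kind, .. } => out.push(format!("{path}: opaque {kind}")),
    }
}
fn item(field: &str, matched: bool) -> ItemTrace { ItemTrace { field: field.into(), matched } }

/// Constructed trace: an `And` whose first block matched and whose second did not.
pub fn sample() -> DetectionTrace {
    And { matched: false, branches: vec![
        AllOf { matched: true, items: vec![item("Image", true)] },
        AnyOf { matched: false, branches: vec![
            AllOf { matched: false, items: vec![item("CommandLine", false), item("User", true)] },
            Other { kind: "array-object-scope".into(), matched: false },
        ]},
    ]}
}
fn main() {
    let mut out = Vec::new();
    blockers(&sample(), "detection", &mut out);
    println!("{}", out.join("\n"));
}
```

For an unmatched `AnyOf` every branch is reported, since any one of them matching would have been enough; for an unmatched `And` only the failing branches are.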
Implementations
Trait Implementations
impl Clone for DetectionTrace
fn clone(&self) -> DetectionTrace
Returns a duplicate of the value.
1.0.0 (const: unstable) · fn clone_from(&mut self, source: &Self)
Performs copy-assignment from source.
impl Debug for DetectionTrace
Auto Trait Implementations
impl Freeze for DetectionTrace
impl RefUnwindSafe for DetectionTrace
impl Send for DetectionTrace
impl Sync for DetectionTrace
impl Unpin for DetectionTrace
impl UnsafeUnpin for DetectionTrace
impl UnwindSafe for DetectionTrace
Blanket Implementations
impl<T> BorrowMut<T> for T where T: ?Sized
fn borrow_mut(&mut self) -> &mut T
Mutably borrows from an owned value.