feat: documenting 0.1

u-siem · Aug 3, 2023 · 86949d8 · 86949d8
1 parent a89bc4d
commit 86949d8
Show file tree

Hide file tree

Showing 2 changed files with 51 additions and 12 deletions.
diff --git a/README.md b/README.md
@@ -1,4 +1,7 @@
-# usiem-basic-parser
+# µSIEM Parser
+[![Documentation](https://docs.rs/usiem-basic-parser/badge.svg)](https://docs.rs/u-siem) [![crates.io](https://img.shields.io/crates/v/usiem-basic-parser.svg)](https://crates.io/crates/usiem-basic-parser)
+
+
 Basic Parser component that supports multiple different sources and log formats
 
 ### Usage
@@ -15,24 +18,49 @@ kernel.add_component(parser_component);
 
 ### How to build parsers
 
-```rust
-use usiem::components::common::{LogParser, LogParsingError};
-use usiem::events::SiemLog;
-use usiem::components::SiemComponent;
+There are some examples in the [µSIEM library](https://github.com/u-siem/u-siem-core/blob/main/src/testing/parsers.rs) used for testing.
 
-struct DummyParserTextDUMMY {}
+```rust
+#[derive(Clone)]
+pub struct DummyParserText {
+    schema : FieldSchema
+}
+impl DummyParserText {
+    pub fn new() -> Self {
+        Self {
+            schema : FieldSchema::new()
+        }
+    }
+}
 
-impl LogParser for DummyParserTextDUMMY {
-    fn parse_log(&self, mut log: SiemLog) -> Result<SiemLog, LogParsingError> {
-        log.add_field("parser", SiemField::from_str("DummyParserTextDUMMY"));
+impl LogParser for DummyParserText {
+    fn parse_log(
+        &self,
+        mut log: SiemLog,
+        _datasets: &DatasetHolder,
+    ) -> Result<SiemLog, LogParsingError> {
+        if !log.message().contains("DUMMY") {
+            return Err(LogParsingError::NoValidParser(log));
+        }
+        log.add_field("parser", SiemField::from_str("DummyParserText"));
         Ok(log)
     }
-    fn name(&self) -> Cow<'static, str> {
-        Cow::Borrowed("DummyParserTextDUMMY")
+    fn name(&self) -> &'static str {
+        "DummyParserText"
+    }
+    fn description(&self) -> &'static str {
+        "This is a dummy that parsers if contains DUMMY in text"
+    }
+    fn schema(&self) -> & FieldSchema {
+        &self.schema
+    }
+
+    fn generator(&self) -> Box<dyn LogGenerator> {
+        return Box::new(DummyLogGenerator {});
     }
 }
 
-let parser1 = DummyParserTextDUMMY{};
+let parser1 = DummyParserText::new();
 parser_component.add_parser(Box::from(parser1));
 
 ```
diff --git a/src/lib.rs b/src/lib.rs
@@ -19,6 +19,16 @@ use usiem::send_message;
 
 mod metrics;
 
+/// Basic component parser
+/// 
+/// # Example
+/// ```ignore
+/// let mut parser_component = BasicParserComponent::new();
+/// parser_component.add_parser(Box::from(parser1));
+/// parser_component.add_parser(Box::from(parser2));
+/// 
+/// kernel.add_component(parser_component);
+/// ```
 #[derive(Clone)]
 pub struct BasicParserComponent {
     /// Receive actions from other components or the kernel
@@ -49,6 +59,7 @@ impl BasicParserComponent {
             metrics: generate_parser_metrics(&[]),
         };
     }
+    /// Adds a new parser in the component
     pub fn add_parser(&mut self, parser: Box<dyn LogParser>) {
         self.parsers.push(parser);
         self.metrics = generate_parser_metrics(&self.parsers);