public static void DumpDetection(CyCmdlet cmdlet, CyDetection d)
{
cmdlet.WriteLine("-------------------------------------------------------------------------------------------------------------");
cmdlet.Write("Detection ");
cmdlet.WriteLineHL($"'{d.DetectionRule.Name}' (v{d.DetectionRule.Version}) [{d.PhoneticId}]");
if (d.ArtifactsOfInterest != null)
{
cmdlet.Write("State progression from artifacts: ");
cmdlet.WriteLineHL($"{string.Join(" > ", d.ArtifactsOfInterest.Keys)}");
cmdlet.WriteLine("Raw artifacts: ");
foreach (var a in d.AssociatedArtifacts)
{
cmdlet.WriteLine($"{a}");
}
if (d.ArtifactsOfInterest != null)
{
foreach (var state in d.ArtifactsOfInterest.Keys)
{
cmdlet.Write("Collected artifacts for state: ");
cmdlet.WriteLineHL($"{state}");
foreach (var collected_artifact in d.ArtifactsOfInterest[state])
{
cmdlet.WriteLine(
$"{d.ResolveArtifactReference(collected_artifact.Artifact)} of type {d.ResolveArtifactReference(collected_artifact.Artifact).ArtifactType}, source {collected_artifact.Source}");
}
}
}
}
}
