/// <summary>
/// Gets a set of matching tags for a set of patterns, returning for all matches
/// </summary>
/// <param name="patterns"></param>
/// <param name="addNotFound"></param>
/// <returns></returns>
private List <TagInfo> GetAllMatchingTagInfoList(TagGroup tagGroup, bool addNotFound = true)
{
List <TagInfo> result = new List <TagInfo>();
HashSet <string> hashSet = new HashSet <string>();
foreach (TagSearchPattern pattern in tagGroup.Patterns)
{
if (pattern.Detected)
{
var tagPatternRegex = new Regex(pattern.SearchPattern, RegexOptions.IgnoreCase);
foreach (var match in MatchList)
{
foreach (var tagItem in match.Issue.Rule.Tags)
{
if (tagPatternRegex.IsMatch(tagItem))
{
if (!hashSet.Contains(tagItem))
{
result.Add(new TagInfo
{
Tag = tagItem,
Confidence = match.Issue.PatternMatch.Confidence.ToString(),
Severity = match.Issue.Rule.Severity.ToString(),
ShortTag = tagItem.Substring(tagItem.LastIndexOf('.') + 1),
StatusIcon = pattern.DetectedIcon,
Detected = true
});
hashSet.Add(tagItem);
}
else
{//ensure we have highest confidence, severity as there are likly multiple matches for this tag pattern
foreach (TagInfo updateItem in result)
{
if (updateItem.Tag == tagItem)
{
RulesEngine.Confidence oldConfidence;
Enum.TryParse(updateItem.Confidence, out oldConfidence);
if (match.Issue.PatternMatch.Confidence > oldConfidence)
{
updateItem.Confidence = match.Issue.PatternMatch.Confidence.ToString();
}
RulesEngine.Severity oldSeverity;
Enum.TryParse(updateItem.Severity, out oldSeverity);
if (match.Issue.Rule.Severity > oldSeverity)
{
updateItem.Severity = match.Issue.Rule.Severity.ToString();
}
break;
}
}
}
}
}
}
}
}
return(result);
}
/// <summary>
/// Builds list of matching tags by profile pattern
/// Ensures only one instance of a given tag in results unlike GetAllMatchingTags method
/// with highest confidence level for that tag pattern
/// </summary>
/// <param name="tagPattern"></param>
/// <returns></returns>
private List <TagInfo> GetUniqueMatchingTagInfoList(TagGroup tagGroup, bool addNotFound = true)
{
List <TagInfo> result = new List <TagInfo>();
HashSet <string> hashSet = new HashSet <string>();
foreach (TagSearchPattern pattern in tagGroup.Patterns)
{
if (pattern.Detected)//set at program.RollUp already so don't search for again
{
var tagPatternRegex = new Regex(pattern.SearchPattern, RegexOptions.IgnoreCase);
foreach (var match in MatchList)
{
foreach (var tagItem in match.Issue.Rule.Tags)
{
if (tagPatternRegex.IsMatch(tagItem))
{
if (!hashSet.Contains(pattern.SearchPattern))
{
result.Add(new TagInfo
{
Tag = tagItem,
Confidence = match.Issue.Confidence.ToString(),
Severity = match.Issue.Rule.Severity.ToString(),
ShortTag = pattern.DisplayName,
StatusIcon = pattern.DetectedIcon,
Detected = true
});
hashSet.Add(pattern.SearchPattern);
pattern.Confidence = match.Issue.Confidence.ToString();
}
else
{
//we have but ensure we get highest confidence, severity as there are likly multiple matches for this tag pattern
foreach (TagInfo updateItem in result)
{
if (updateItem.Tag == tagItem)
{
RulesEngine.Confidence oldConfidence;
Enum.TryParse(updateItem.Confidence, out oldConfidence);
if (match.Issue.Confidence > oldConfidence)
{
updateItem.Confidence = match.Issue.Confidence.ToString();
pattern.Confidence = match.Issue.Confidence.ToString();
}
RulesEngine.Severity oldSeverity;
Enum.TryParse(updateItem.Severity, out oldSeverity);
if (match.Issue.Rule.Severity > oldSeverity)
{
updateItem.Severity = match.Issue.Rule.Severity.ToString();
}
break;
}
}
}
}
}
}
}
else if (addNotFound) //allow to report on false presense items
{
TagInfo tagInfo = new TagInfo
{
Tag = pattern.SearchPattern,
Detected = false,
ShortTag = pattern.DisplayName,
StatusIcon = pattern.NotDetectedIcon,
Confidence = "",
Severity = ""
};
pattern.Confidence = "";
result.Add(tagInfo);
hashSet.Add(tagInfo.Tag);
}
}
return(result);
}