1"""`MandatoryChecker`."""
2
3import logging
4from types import MappingProxyType
5
6from suricata_check.checkers.interface import CheckerInterface
7from suricata_check.utils.checker import is_rule_option_set
8from suricata_check.utils.checker_typing import ISSUES_TYPE, Issue
9from suricata_check.utils.rule import Rule
10
11
[docs]
12class MandatoryChecker(CheckerInterface):
13 """The `MandatoryChecker` contains several checks based on the Suricata syntax that are critical.
14
15 Codes M000-M009 report on missing mandatory rule options.
16 """
17
18 codes = MappingProxyType(
19 {
20 "M000": {"severity": logging.ERROR},
21 "M001": {"severity": logging.ERROR},
22 },
23 )
24
25 def _check_rule(
26 self: "MandatoryChecker",
27 rule: Rule,
28 ) -> ISSUES_TYPE:
29 issues: ISSUES_TYPE = []
30
31 if not is_rule_option_set(rule, "msg"):
32 issues.append(
33 Issue(
34 code="M000",
35 message="The rule did not specify a msg, which is a mandatory field.",
36 ),
37 )
38
39 if not is_rule_option_set(rule, "sid"):
40 issues.append(
41 Issue(
42 code="M001",
43 message="The rule did not specify a sid, which is a mandatory field.",
44 ),
45 )
46
47 return issues