1"""`MandatoryChecker`."""
2
3import logging
4
5import idstools.rule
6
7from suricata_check.checkers.interface import CheckerInterface
8from suricata_check.utils.checker import is_rule_option_set
9from suricata_check.utils.checker_typing import ISSUES_TYPE, Issue
10
11
[docs]
12class MandatoryChecker(CheckerInterface):
13 """The `MandatoryChecker` contains several checks based on the Suricata syntax that are critical.
14
15 Codes M000-M009 report on missing mandatory rule options.
16 """
17
18 codes = {
19 "M000": {"severity": logging.ERROR},
20 "M001": {"severity": logging.ERROR},
21 }
22
23 def _check_rule(
24 self: "MandatoryChecker",
25 rule: idstools.rule.Rule,
26 ) -> ISSUES_TYPE:
27 issues: ISSUES_TYPE = []
28
29 if not is_rule_option_set(rule, "msg"):
30 issues.append(
31 Issue(
32 code="M000",
33 message="The rule did not specify a msg, which is a mandatory field.",
34 )
35 )
36
37 if not is_rule_option_set(rule, "sid"):
38 issues.append(
39 Issue(
40 code="M001",
41 message="The rule did not specify a sid, which is a mandatory field.",
42 )
43 )
44
45 return issues