package cmd import ( "fmt" "git.db.org.ai/dborg/internal/formatter" "git.db.org.ai/dborg/internal/models" "github.com/spf13/cobra" ) var slCmd = &cobra.Command{ Use: "sl [query]", Short: "Search stealer logs", Long: `Search stealer logs with various filters`, Args: cobra.ExactArgs(1), RunE: runSLSearch, } func init() { rootCmd.AddCommand(slCmd) slCmd.Flags().IntP("max_hits", "n", 10, "Maximum number of hits to return") slCmd.Flags().StringP("sort_by", "s", "", "Sort by field (ingest_timestamp or date_posted)") slCmd.Flags().StringP("ingest_start_date", "i", "", "Ingest timestamp start date") slCmd.Flags().StringP("ingest_end_date", "e", "", "Ingest timestamp end date") slCmd.Flags().StringP("posted_start_date", "p", "", "Date posted start date") slCmd.Flags().StringP("posted_end_date", "d", "", "Date posted end date") slCmd.Flags().StringP("format", "f", "json", "Response format") } func runSLSearch(cmd *cobra.Command, args []string) error { c, err := newClient() if err != nil { return err } params := &models.SLParams{ Query: args[0], } params.MaxHits, _ = cmd.Flags().GetInt("max_hits") sortBy, _ := cmd.Flags().GetString("sort_by") if sortBy != "" && sortBy != "ingest_timestamp" && sortBy != "date_posted" { return fmt.Errorf("invalid sort_by value: must be 'ingest_timestamp' or 'date_posted'") } params.SortBy = sortBy params.IngestStartDate, _ = cmd.Flags().GetString("ingest_start_date") params.IngestEndDate, _ = cmd.Flags().GetString("ingest_end_date") params.PostedStartDate, _ = cmd.Flags().GetString("posted_start_date") params.PostedEndDate, _ = cmd.Flags().GetString("posted_end_date") params.Format, _ = cmd.Flags().GetString("format") response, err := c.SearchStealerLogs(params) if err != nil { return err } if err := checkError(response.Error); err != nil { return err } if params.Format != "json" { fmt.Println(response.Message) return nil } output, err := formatter.FormatSLResults(response, IsJSONOutput()) if err != nil { return err } printOutput(output) return nil }