package cmd import ( "encoding/json" "fmt" "git.db.org.ai/dborg/internal/client" "git.db.org.ai/dborg/internal/config" "git.db.org.ai/dborg/internal/models" "github.com/spf13/cobra" ) var slCmd = &cobra.Command{ Use: "sl [query]", Short: "Search stealer logs", Long: `Search stealer logs with various filters`, Args: cobra.ExactArgs(1), RunE: runSLSearch, } func init() { rootCmd.AddCommand(slCmd) slCmd.Flags().IntP("max_hits", "n", 10, "Maximum number of hits to return") slCmd.Flags().StringP("sort_by", "s", "", "Sort by field (ingest_timestamp or date_posted)") slCmd.Flags().StringP("ingest_start_date", "i", "", "Ingest timestamp start date") slCmd.Flags().StringP("ingest_end_date", "e", "", "Ingest timestamp end date") slCmd.Flags().StringP("posted_start_date", "p", "", "Date posted start date") slCmd.Flags().StringP("posted_end_date", "d", "", "Date posted end date") slCmd.Flags().StringP("format", "f", "json", "Response format") } func runSLSearch(cmd *cobra.Command, args []string) error { apiKey, _ := cmd.Flags().GetString("api-key") cfg := config.New().WithAPIKey(apiKey) c, err := client.New(cfg) if err != nil { return err } params := &models.SLParams{ Query: args[0], } params.MaxHits, _ = cmd.Flags().GetInt("max_hits") params.SortBy, _ = cmd.Flags().GetString("sort_by") params.IngestStartDate, _ = cmd.Flags().GetString("ingest_start_date") params.IngestEndDate, _ = cmd.Flags().GetString("ingest_end_date") params.PostedStartDate, _ = cmd.Flags().GetString("posted_start_date") params.PostedEndDate, _ = cmd.Flags().GetString("posted_end_date") params.Format, _ = cmd.Flags().GetString("format") response, err := c.SearchStealerLogs(params) if err != nil { return err } if response.Error != "" { return fmt.Errorf("API error: %s", response.Error) } if params.Format != "json" { fmt.Println(response.Message) return nil } output, err := json.MarshalIndent(response.Results, "", " ") if err != nil { return fmt.Errorf("failed to format response: %w", err) } fmt.Println(string(output)) return nil }