[bug] Counting `expand` rules as valid rules even when `config/expand/xxx.txt` does not exists

**Describe the bug**
Counting `expand` rules as valid rules even when `config/expand/xxx.txt` does not exists.

**Step to Reproduce**
```yml
status: test
description: test
author: TEST
date: 2024-12-07
logsource:
    product: windows
    service: security
    definition: TEST
detection:
    selection:
        Channel: Security
        EventID: 4624
        LogonType|expand: '%LogonType%'
    condition: selection
level: informational
```
`./hayabusa csv-timeline -d ../hayabusa-sample-evtx -r test.yml -w -q`

**Expected behavior**
```
Test rules: 1 (100.00%)

Expand rules: 1 (100.00%)
Enabled expand rules: 0 (0.00%)

Total detection rules: 0

Creating the channel filter. Please wait.

Evtx files loaded after channel filter: 248
Detection rules enabled after channel filter: 0
```

**Actual behavior**
```
Test rules: 1 (100.00%)

Expand rules: 1 (100.00%)
Other rules: 1
Total detection rules: 1

Creating the channel filter. Please wait.

Evtx files loaded after channel filter: 248
Detection rules enabled after channel filter: 1
```

**Environment**

- OS: macOS Sequoia 15.3.1
- hayabusa version 3.1.0

**Additional context**
N/A


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[bug] Counting `expand` rules as valid rules even when `config/expand/xxx.txt` does not exists #1606

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[bug] Counting expand rules as valid rules even when config/expand/xxx.txt does not exists #1606

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions

[bug] Counting `expand` rules as valid rules even when `config/expand/xxx.txt` does not exists #1606