updating hawk field translation, and bug when an author field is not present in a sig

tools/config/hawk.yml

@@ -562,4 +562,4 @@ fieldmappings:
   sc-bytes: http_content_length
   user-agent: http_user_agent
   cs-User-Agent: http_user_agent
-  r-dns: ip_dst_host
+  r-dns: http_host

tools/sigma/backends/hawk.py

@@ -643,7 +643,10 @@ class HAWKBackend(SingleTextQueryBackend):
             raise Exception("Failed to parse json: %s" % analytic_txt)
 
         cmt = "Sigma Rule: %s\n" % sigmaparser.parsedyaml['id'] 
-        cmt += "Author: %s\n" % sigmaparser.parsedyaml['author'] 
+        if 'author' in sigmaparser.parsedyaml:
+            cmt += "Author: %s\n" % sigmaparser.parsedyaml['author'] 
+        else:
+            cmt += "Author: Unknown\n"
         cmt += "Level: %s\n" % sigmaparser.parsedyaml['level'] 
         if 'falsepositives' in sigmaparser.parsedyaml and type(sigmaparser.parsedyaml['falsepositives']) is list:
             if len(sigmaparser.parsedyaml['falsepositives']) > 0: