search

CrowdStrike / falcon-integration-gateway

Falcon Integration Gateway (FIG)
The Unlicense
18 stars 17 forks source link

Improve and increase logging and debug loggin #131

Closed isimluk closed 2 years ago

isimluk commented 2 years ago

Example output:

2022-09-22 13:13:09 fig MainThread INFO     GCP Backend is enabled.
2022-09-22 13:13:09 fig MainThread INFO     Enabled backends will only process events with types: {'DetectionSummaryEvent'}
2022-09-22 13:13:10 fig cs_stream  INFO     Opening Streaming Connection
2022-09-22 13:13:16 fig cs_stream  INFO     Established Streaming Connection: 200 OK
2022-09-22 13:13:20 fig cs_stream  DEBUG    Received 200 events from the stream. Type breakdown was: {'UserActivityAuditEvent': 78, 'AuthActivityAuditEvent': 120, 'RemoteResponseSessionStartEvent': 1, 'RemoteResponseSessionEndEvent': 1}

......

2022-09-22 13:13:33 fig cs_stream  DEBUG    Received 5600 events from the stream. Type breakdown was: {'UserActivityAuditEvent': 2362, 'AuthActivityAuditEvent': 3117, 'RemoteResponseSessionStartEvent': 54, 'RemoteResponseSessionEndEvent': 54, 'IncidentSummaryEvent': 4, 'DetectionSummaryEvent': 9}
carlosmmatos commented 2 years ago

Looks good so far

lgtm-com[bot] commented 2 years ago

This pull request introduces 1 alert when merging 41413c382b37c544b4ba728d3786a47f66b24c8e into 7e2923e15cdf30194943067b1b8acf880dee16bd - view on LGTM.com

new alerts: