Closed fukusuket closed 1 year ago
@fukusuket Thanks for reporing issue. I would check it.
@fukusuket I found the cause of the problem.
The reason is that config/logsource-mappaing.yml
, which was not originally targeted by update-rules, is now targeted by update-rules
.
update-rules
targets .yml
files under rules
.
conig/geoip_field_mapping.yaml
is not the target of the change because it has a different extension.
I think the problem will be solved if you modify the following in hayabusa-rules instead of hayabusa.
logsource-mapping.yml
-> logsource-mapping.yaml
Thank you so much for quick investigation!! I see, (I was wondering why it didn't occur with geoip_field_mapping.. w)
Describe the bug
level-tuning
command panics afterupdate-rules
I noticed it while running integration test. https://github.com/Yamato-Security/hayabusa/actions/runs/4650226668/jobs/8229083578
Step to Reproduce
Expected behavior
level-tuning
command success.Actual behavior
Environment
Additional context If I move the following yml,
- (Modified: - | Path: rules/config/logsource-mapping.yml)
No error occurs. So it seems that https://github.com/Yamato-Security/hayabusa-rules/pull/363 cause this error?