search

crowdsecurity / crowdsec

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
https://crowdsec.net
MIT License
8.78k stars 453 forks source link

[parser] debugger log if we cannot find property on `appy_on` #3237

Closed LaurenceJJones closed 2 weeks ago

LaurenceJJones commented 2 weeks ago

Currently the grok debug lines are

time="2024-09-13T15:45:53Z" level=debug msg="+ Grok '%{YEA...' didn't return data on '2024/09/13 15:45:53 [XXX]:55004 accepted tcp:XXXXX:443 [VLESS TCP REALITY >> DIRECT] email: 619.S24'" id=divine-river name=custom/torrent-log-parser stage=s01-parse
time="2024-09-13T15:45:53Z" level=debug msg="Event leaving node : ko" id=divine-river name=custom/torrent-log-parser stage=s01-parse

Does not inform the user that the apply_on property they defined didnt exist so why did it log the actual line?

github-actions[bot] commented 2 weeks ago

@LaurenceJJones: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details I am a bot created to help the [crowdsecurity](https://github.com/crowdsecurity) developers manage community feedback and contributions. You can check out my [manifest file](https://github.com/crowdsecurity/crowdsec/blob/master/.github/governance.yml) to understand my behavior and what I can do. If you want to use this for your project, you can check out the [BirthdayResearch/oss-governance-bot](https://github.com/BirthdayResearch/oss-governance-bot) repository.
github-actions[bot] commented 2 weeks ago

@LaurenceJJones: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

Details I am a bot created to help the [crowdsecurity](https://github.com/crowdsecurity) developers manage community feedback and contributions. You can check out my [manifest file](https://github.com/crowdsecurity/crowdsec/blob/master/.github/governance.yml) to understand my behavior and what I can do. If you want to use this for your project, you can check out the [BirthdayResearch/oss-governance-bot](https://github.com/BirthdayResearch/oss-governance-bot) repository.
LaurenceJJones commented 2 weeks ago

Actually might a no issue debugging further we do log if it doesnt exist

https://github.com/crowdsecurity/crowdsec/blob/1591a0c46ee3c3b1643d7078887f4bc262ed155b/pkg/parser/node.go#L225-L226

However, the Line.Raw didnt work as expected.