search

nginxinc / kubernetes-ingress

NGINX and NGINX Plus Ingress Controllers for Kubernetes
https://docs.nginx.com/nginx-ingress-controller
Apache License 2.0
4.64k stars 1.96k forks source link

app-protect-log-level does not set app-protect log level correctly #5872

Closed dvelben closed 1 month ago

dvelben commented 3 months ago

Describe the bug AppProtect logs in NOTICE level even FATAL is set.

To Reproduce Deploy Ingress Controller 3.5.2, run with following args: args:

Expected behavior Only get FATAL logs from app protect but NOTICE are received too.

nginx-ingress BD_MISC|NOTICE|Jun 27 07:52:19.697|0021|/builds/6x631E1L/0/waf/waf-general/secore/bd/bd/main.c:1293|Build time version: [11.48.0], major API version: [11]

During start up, it is logged:

nginx-ingress New module: IO_PLUGIN
nginx-ingress New level: TS_CRIT
nginx-ingress New file num: 2
nginx-ingress New module: BD_MISC
nginx-ingress New level: TS_CRIT
nginx-ingress New file num: 2
nginx-innginx-ingress New level: TS_CRIT
nginx-ingress New file num: 2 
nginx-ingress New ALL module: ALL
nginx-ingress New ALL level: TS_NOTICE
nginx-ingress New ALL level: TS_CRIT
nginx-ingress New ALL level: TS_ERR
nginx-ingress New ALL level: TS_WARNING                                                                                                                                                                           nginx-ingress New ALL file num: 2

So it seems last TS_NOTICE to ALL is enabling NOTICE to BD_MISC too.

Your environment

Additional context

github-actions[bot] commented 3 months ago

Hi @dvelben thanks for reporting!

Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this :slightly_smiling_face:

Cheers!

haywoodsh commented 3 months ago

Thanks for reporting this issue. We will take a look at this issue and confirm if it is an Ingress Controller bug

vepatel commented 2 months ago

@dvelben thanks for you patience, we're still investigating and will let you know once we've an update

pdabelf5 commented 1 month ago

@dvelben We have confirmed this issue is a bug in NGINX App Protect WAF. We will close this Github issue, but request you log a support request via MyF5 relating to NGINX App Protect WAF to track the issue further.