Task #2879: Log a warning on duplicate SID. - Suricata-Update - Open Information Security Foundation

Actions

Task #2879

closed

Log a warning on duplicate SID.

Added by Jason Ish about 5 years ago. Updated over 4 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Target version:

Effort:

low

Difficulty:

low

Label:

Beginner, Outreachy

Description

Currently when suricata-update encounters a rules with duplicate SIDs, it will silently use the one with the higher revision. While I believe this behaviour is correct, we should still log a warning.

On duplicate SID we should probably log the following as warnings:
- If revisions differ: Found duplicate rule ID %d, keeping one with higher revision.
- If revisions are equals: Found duplicate rule ID %s, keeping existing rule.

Actions

#1

Updated by Shivani Bhardwaj about 5 years ago

Assignee deleted (~~Shivani Bhardwaj~~)

Actions

#2

Updated by Shivani Bhardwaj about 5 years ago

Status changed from New to Assigned

Actions

#3

Updated by Andreas Herz almost 5 years ago

Assignee set to OISF Dev

Actions

#4

Updated by Shivani Bhardwaj almost 5 years ago

PR: https://github.com/OISF/suricata-update/pull/162

Actions

#5

Updated by Shivani Bhardwaj almost 5 years ago

Status changed from Assigned to Feedback

Actions

#6

Updated by Shivani Bhardwaj almost 5 years ago

Assignee changed from OISF Dev to Vagisha Gupta

Actions

#7

Updated by Shivani Bhardwaj over 4 years ago

Status changed from Feedback to Resolved

Actions

#8

Updated by Shivani Bhardwaj over 4 years ago

Status changed from Resolved to Closed

Actions

#9

Updated by Jason Ish over 4 years ago

Target version set to TBD

Actions

#10

Updated by Jason Ish over 4 years ago

Target version changed from TBD to 1.1.0rc1

Actions

Also available in: Atom PDF