Bug #3155
closed
Odd Debug Logs for flowbit requirements
Added by Kenneth Kolano over 4 years ago.
Updated over 4 years ago.
Description
When using the -v switch the logs related to flowbit handling are a bit weird...
6/9/2019 -- 12:13:05 - <Debug> -- Found 349 required flowbits.
6/9/2019 -- 12:13:05 - <Debug> -- Found 53 rules to enable to for flowbit requirements
6/9/2019 -- 12:13:05 - <Debug> -- Found 350 required flowbits.
6/9/2019 -- 12:13:05 - <Debug> -- Found 0 rules to enable to for flowbit requirements
6/9/2019 -- 12:13:05 - <Debug> -- All required rules enabled.
...unclear why the flowbits related logs output twice, or why the counts for each are misaligned.
I'm guessing that this is due to the first round of flowbits processing enabling a rule, and then the revised set of rules being reprocessed (i.e. a formerly disabled rule had a flowbit, which required additional ruled be enabled).
In any case the way this is logged could likely be revised to make what's happening more clear.
Kenneth Kolano wrote:
I'm guessing that this is due to the first round of flowbits processing enabling a rule, and then the revised set of rules being reprocessed (i.e. a formerly disabled rule had a flowbit, which required additional ruled be enabled).
Yes, you're absolutely right about why this happens.
In any case the way this is logged could likely be revised to make what's happening more clear.
How do you find the logging below? Does it make things clearer or worse? I would like to take a user's perspective into account before making any changes.
7/9/2019 -- 11:47:44 - <Debug> -- Checking flowbits for round 1 of rules
7/9/2019 -- 11:47:44 - <Debug> -- Found 202 required flowbits.
7/9/2019 -- 11:47:44 - <Debug> -- Found 43 rules to enable to for flowbit requirements
7/9/2019 -- 11:47:44 - <Debug> -- Enabling previously disabled rule for flowbits: # [1:2019401] ET POLICY Vulnerable Java Version 1.8.x Detected
7/9/2019 -- 11:47:44 - <Debug> -- Checking flowbits for round 2 of rules
7/9/2019 -- 11:47:44 - <Debug> -- Found 203 required flowbits.
7/9/2019 -- 11:47:45 - <Debug> -- Found 0 rules to enable to for flowbit requirements
7/9/2019 -- 11:47:45 - <Debug> -- All required rules enabled.
7/9/2019 -- 11:47:45 - <Info> -- Enabled 43 rules for flowbit dependencies.
- Status changed from New to Assigned
- Target version set to TBD
Sorry for the delayed response here, but yes, the revised logging would be clearer.
- Status changed from Assigned to Closed
Also available in: Atom
PDF