update
This commit is contained in:
alteredCoder
parent
3683a7a02a
commit
5ca2ee2f2e
3 changed files with 7 additions and 7 deletions
|
|
@ -240,7 +240,7 @@ func FormatPrometheusMetrics(out io.Writer, url string, formatType string) error
|
||||||
waap_engine_stats[metric.Labels["waap_engine"]]["blocked"] = ival
|
waap_engine_stats[metric.Labels["waap_engine"]]["blocked"] = ival
|
||||||
case "cs_waf_rule_hits":
|
case "cs_waf_rule_hits":
|
||||||
waapEngine := metric.Labels["waap_engine"]
|
waapEngine := metric.Labels["waap_engine"]
|
||||||
ruleID := metric.Labels["rule_id"]
|
ruleID := metric.Labels["rule_name"]
|
||||||
if _, ok := waap_rule_stats[waapEngine]; !ok {
|
if _, ok := waap_rule_stats[waapEngine]; !ok {
|
||||||
waap_rule_stats[waapEngine] = make(map[string]map[string]int, 0)
|
waap_rule_stats[waapEngine] = make(map[string]map[string]int, 0)
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -48,7 +48,7 @@ var WafBlockCounter = prometheus.NewCounterVec(
|
||||||
var WafRuleHits = prometheus.NewCounterVec(
|
var WafRuleHits = prometheus.NewCounterVec(
|
||||||
prometheus.CounterOpts{
|
prometheus.CounterOpts{
|
||||||
Name: "cs_waf_rule_hits",
|
Name: "cs_waf_rule_hits",
|
||||||
Help: "Count of triggered rule, by rule_id and type (inband/outofband).",
|
Help: "Count of triggered rule, by rule_name, type (inband/outofband), waap_engine and source",
|
||||||
},
|
},
|
||||||
[]string{"rule_id", "type", "waap_engine", "source"},
|
[]string{"rule_name", "type", "waap_engine", "source"},
|
||||||
)
|
)
|
||||||
|
|
|
||||||
|
|
@ -201,22 +201,22 @@ func (r *WaapRunner) AccumulateTxToEvent(evt *types.Event, req waf.ParsedRequest
|
||||||
evt.Waap.HasOutBandMatches = true
|
evt.Waap.HasOutBandMatches = true
|
||||||
}
|
}
|
||||||
|
|
||||||
// TODO: Fetch the Name of the rule when possible
|
|
||||||
WafRuleHits.With(prometheus.Labels{"rule_id": fmt.Sprintf("%d", rule.Rule().ID()), "type": kind, "source": req.RemoteAddrNormalized, "waap_engine": req.WaapEngine}).Inc()
|
|
||||||
|
|
||||||
name := "NOT_SET"
|
name := "NOT_SET"
|
||||||
version := "NOT_SET"
|
version := "NOT_SET"
|
||||||
hash := "NOT_SET"
|
hash := "NOT_SET"
|
||||||
|
ruleNameProm := fmt.Sprintf("%d", rule.Rule().ID())
|
||||||
|
|
||||||
if details, ok := waf.WaapRulesDetails[rule.Rule().ID()]; ok {
|
if details, ok := waf.WaapRulesDetails[rule.Rule().ID()]; ok {
|
||||||
//Only set them for custom rules, not for rules written in seclang
|
//Only set them for custom rules, not for rules written in seclang
|
||||||
name = details.Name
|
name = details.Name
|
||||||
version = details.Version
|
version = details.Version
|
||||||
hash = details.Hash
|
hash = details.Hash
|
||||||
|
ruleNameProm = details.Name
|
||||||
r.logger.Debugf("custom rule for event, setting name: %s, version: %s, hash: %s", name, version, hash)
|
r.logger.Debugf("custom rule for event, setting name: %s, version: %s, hash: %s", name, version, hash)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
WafRuleHits.With(prometheus.Labels{"rule_name": ruleNameProm, "type": kind, "source": req.RemoteAddrNormalized, "waap_engine": req.WaapEngine}).Inc()
|
||||||
|
|
||||||
corazaRule := map[string]interface{}{
|
corazaRule := map[string]interface{}{
|
||||||
"id": rule.Rule().ID(),
|
"id": rule.Rule().ID(),
|
||||||
"uri": evt.Parsed["uri"],
|
"uri": evt.Parsed["uri"],
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue