beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity

up

Browse source
This commit is contained in:
bui 2023-10-24 18:16:30 +02:00
parent 1f3801f390
commit 9edde09608
1 changed files with 3 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
pkg/acquisition/modules/waap/utils.go
View file

@ -29,14 +29,14 @@ func WaapEventGeneration(inEvt types.Event) (types.Event, error) {
alert := models.Alert{}
alert.Capacity = ptr.Of(int32(1))
alert.Events = make([]*models.Event, 0) //TBD
alert.Meta = make(models.Meta, 0) //TBD
alert.Events = make([]*models.Event, 0) //@tko -> URI, method, UA, param name
alert.Meta = make(models.Meta, 0) //@tko -> URI, method, UA, param name
alert.EventsCount = ptr.Of(int32(1))
alert.Labels = []string{"waf"} //don't know what to do about this
alert.Leakspeed = ptr.Of("")
msg := fmt.Sprintf("WAF alert: %s", inEvt.Waap.MatchedRules.GetName())
alert.Message = &msg
alert.Scenario = ptr.Of(inEvt.Waap.MatchedRules.GetName())
alert.Scenario = ptr.Of(inEvt.Waap.MatchedRules.GetName()) // @sbl : should we be able to do inEvt.Waap.MatchedRules.GetHash()
alert.ScenarioHash = ptr.Of(inEvt.Waap.MatchedRules.GetHash()) // @sbl : should we be able to do inEvt.Waap.MatchedRules.GetHash()
alert.ScenarioVersion = ptr.Of(inEvt.Waap.MatchedRules.GetVersion()) // @sbl : should we be able to do inEvt.Waap.MatchedRules.GetVersion()
alert.Simulated = ptr.Of(false)