diff --git a/pkg/waf/coraza_logger.go b/pkg/waf/coraza_logger.go index 5630651df..82e0a1697 100644 --- a/pkg/waf/coraza_logger.go +++ b/pkg/waf/coraza_logger.go @@ -27,16 +27,32 @@ type crzLogEvent struct { fields log.Fields logger *log.Entry muted bool + level log.Level } func (e *crzLogEvent) Msg(msg string) { if e.muted { return } + + /*this is a hack. As we want to have per-level rule debug but it's not allowed by coraza/modsec, if a rule ID is flagged to be in debug mode, the + .Int("rule_id", ) call will set the log_level of the event to debug. However, given the logger is global to the waap-runner, + we are switching forth and back the log level of the logger*/ + oldLvl := e.logger.Logger.GetLevel() + + if e.level != oldLvl { + e.logger.Logger.SetLevel(e.level) + } + if len(e.fields) == 0 { - e.logger.Info(msg) + e.logger.Log(e.level, msg) } else { - e.logger.WithFields(e.fields).Info(msg) + e.logger.WithFields(e.fields).Log(e.level, msg) + } + + if e.level != oldLvl { + e.logger.Logger.SetLevel(oldLvl) + e.level = oldLvl } } @@ -44,7 +60,6 @@ func (e *crzLogEvent) Str(key, val string) dbg.Event { if e.muted { return e } - //e.logger.Info("str") e.fields[key] = val return e } @@ -53,7 +68,6 @@ func (e *crzLogEvent) Err(err error) dbg.Event { if e.muted { return e } - //e.logger.Info("err") e.fields["error"] = err return e } @@ -62,26 +76,21 @@ func (e *crzLogEvent) Bool(key string, b bool) dbg.Event { if e.muted { return e } - //e.logger.Info("bool") e.fields[key] = b return e } func (e *crzLogEvent) Int(key string, i int) dbg.Event { if e.muted { - if key == "rule_id" { - log.Warningf("is rule_id %d in debug mode -> %t", i, GetRuleDebug(i)) - if GetRuleDebug(i) { - e.muted = false - e.fields = map[string]interface{}{} - } else { - return e - } + //this allows us to have per-rule debug logging + if key == "rule_id" && GetRuleDebug(i) { + e.muted = false + e.fields = map[string]interface{}{} + e.level = log.DebugLevel } else { return e } } - //e.logger.Info("int") e.fields[key] = i return e } @@ -90,7 +99,6 @@ func (e *crzLogEvent) Uint(key string, i uint) dbg.Event { if e.muted { return e } - //e.logger.Info("uint") e.fields[key] = i return e } @@ -99,7 +107,6 @@ func (e *crzLogEvent) Stringer(key string, val fmt.Stringer) dbg.Event { if e.muted { return e } - //e.logger.Info("stringer") e.fields[key] = val return e } @@ -121,20 +128,31 @@ func NewCrzLogger(logger *log.Entry) crzLogger { return crzLogger{logger: logger, logLevel: logger.Logger.GetLevel()} } +func (c crzLogger) NewMutedEvt(lvl log.Level) dbg.Event { + return &crzLogEvent{muted: true, logger: c.logger, level: lvl} +} +func (c crzLogger) NewEvt(lvl log.Level) dbg.Event { + evt := &crzLogEvent{fields: map[string]interface{}{}, logger: c.logger, level: lvl} + if c.defaultFields != nil { + for k, v := range c.defaultFields { + evt.fields[k] = v + } + } + return evt +} + func (c crzLogger) WithOutput(w io.Writer) dbg.Logger { - c.logger.Infof("ignoring withoutput directive") return c } func (c crzLogger) WithLevel(lvl dbg.Level) dbg.Logger { - c.logger.Warningf("setting log level to %s", lvl) c.logLevel = log.Level(lvl) c.logger.Logger.SetLevel(c.logLevel) return c } func (c crzLogger) With(fs ...dbg.ContextField) dbg.Logger { - var e dbg.Event = &crzLogEvent{fields: map[string]interface{}{}, logger: c.logger} + var e dbg.Event = c.NewEvt(c.logLevel) for _, f := range fs { e = f(e) } @@ -144,69 +162,36 @@ func (c crzLogger) With(fs ...dbg.ContextField) dbg.Logger { func (c crzLogger) Trace() dbg.Event { if c.logLevel < log.TraceLevel { - //c.logger.Infof("ignoring trace directive") - return &crzLogEvent{muted: true} + return c.NewMutedEvt(log.TraceLevel) } - evt := &crzLogEvent{fields: map[string]interface{}{}, logger: c.logger} - if c.defaultFields != nil { - for k, v := range c.defaultFields { - evt.fields[k] = v - } - } - return evt + return c.NewEvt(log.TraceLevel) } func (c crzLogger) Debug() dbg.Event { if c.logLevel < log.DebugLevel { - //c.logger.Infof("ignoring debug directive -> %s", c.logLevel.String()) - return &crzLogEvent{muted: true, logger: c.logger} + return c.NewMutedEvt(log.DebugLevel) } - - evt := &crzLogEvent{fields: map[string]interface{}{}, logger: c.logger} - if c.defaultFields != nil { - for k, v := range c.defaultFields { - evt.fields[k] = v - } - } - return evt + return c.NewEvt(log.DebugLevel) } func (c crzLogger) Info() dbg.Event { if c.logLevel < log.InfoLevel { - return &crzLogEvent{muted: true} + return c.NewMutedEvt(log.InfoLevel) } - evt := &crzLogEvent{fields: map[string]interface{}{}, logger: c.logger} - if c.defaultFields != nil { - for k, v := range c.defaultFields { - evt.fields[k] = v - } - } - return evt + return c.NewEvt(log.InfoLevel) } func (c crzLogger) Warn() dbg.Event { if c.logLevel < log.WarnLevel { - return &crzLogEvent{muted: true} + return c.NewMutedEvt(log.WarnLevel) } - evt := &crzLogEvent{fields: map[string]interface{}{}, logger: c.logger} - if c.defaultFields != nil { - for k, v := range c.defaultFields { - evt.fields[k] = v - } - } - return evt + return c.NewEvt(log.WarnLevel) } func (c crzLogger) Error() dbg.Event { if c.logLevel < log.ErrorLevel { - return &crzLogEvent{muted: true} + return c.NewMutedEvt(log.ErrorLevel) } - evt := &crzLogEvent{fields: map[string]interface{}{}, logger: c.logger} - if c.defaultFields != nil { - for k, v := range c.defaultFields { - evt.fields[k] = v - } - } - return evt + return c.NewEvt(log.ErrorLevel) }