Refactor so that testdata samples are in their own namespace #110
Conversation
|
need a rebase |
| @@ -297,16 +297,20 @@ func Generate(ctx context.Context, path string, mrs yara.MatchRules, ignoreTags | |||
| overallRiskScore := 0 | |||
| riskCounts := map[int]int{} | |||
|
|
|||
| for _, m := range mrs { | |||
| for x, m := range mrs { | |||
| clog.InfoContextf(ctx, "yara match[%d]: %+v", x, m) | |||
There was a problem hiding this comment.
This is fine, but a better approach might be to take advantage of the structured logging fields, so we'd set the MatchRule once, and we don't have to keep logging it. This makes it easier to search for logs in some places because the "context" fields are set in the right context, and you don't need to keep tacking that in to each log message.
So, something like this here:
mrLog := clog.FromContext(ctx).With(slog.String("matchrule", m.Namespace))
And then below you could just do:
mrLog.Infof("dropping (risk %d is too low)", risk)
and
mrLog.Infof("key=%s", key)
so you don't have to keep logging the m.Namespace in different places. But just more FYI in case you weren't aware of it.
There was a problem hiding this comment.
In the other PR I did try to use it in places, but just wanted to take the first pass of moving to structured logging, I'm sure we can clean up the logging more intentionally later on.
Related to #75
This was particularly nice as we were able to move tests into their own namespace.
We may move
bincapz.gotopkg/bincapz, but I'm not sure yet.