-
Notifications
You must be signed in to change notification settings - Fork 8
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Reporter errors "field value missing (CVE_2021_44228::c$http$uri)" #4
Labels
bug
Something isn't working
Comments
Just leaving an update that I am in fact seeing more occurrences of these errors which is again tripping the Custom Packages service status to red and is stating "Stopped due to script errors". |
ynadji
added a commit
that referenced
this issue
Dec 16, 2021
…ional in HTTP::Info and may cause the same failure
ynadji
added a commit
that referenced
this issue
Dec 16, 2021
Fixes #4. Also does the same fix for c$http$method
Great! Thanks for reporting. Please open issues for any other problems you see. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I installed this package and I'm seeing some of these crop up in reporter.log and wanted to let you all know. It may have been a transient burst of these errors (I haven't seen any in a while) but I nonetheless had them occur and our checks to the custom scripts API endpoint in our monitoring seemed to not like it at all, seems worth looking into. I saw about 51 of these events in reporter.log within a 1 hour timeframe after initially loading the bundle with this package included.
{"_path":"reporter","_system_name":"redacted","_write_ts":"2021-12-15T22:53:03.090118Z","ts":"2021-12-15T22:53:03.090118Z","level":"Reporter::ERROR","message":"field value missing (CVE_2021_44228::c$http$uri)","location":"/opt/bro/share/zeek/site/packages/customer-bundle/packages/./cve-2021-44228/./CVE_2021_44228.zeek, line 111"}
The text was updated successfully, but these errors were encountered: