suricata icon indicating copy to clipboard operation
suricata copied to clipboard

Published 20 hours ago verified publisher icon OISF

exception/policy: add stats counters - v4

Open jufajardini opened this issue 1 year ago • 1 comments

Link to redmine ticket: https://redmine.openinfosecfoundation.org/issues/5816

Previous PR: https://github.com/OISF/suricata/pull/10264

Disclaimer: this code triggers a stack use after scope error related, I think, to how I'm trying to "automate" the counter ids registration. I'll point out in the code

Describe changes:

  • encode valid exception policy stats
  • extract exception policy types to its own header file
  • start documenting exception policy stats counters
  • better highlight what exception policies are valid with which exception scenarios
  • try to use array and struct for Exception Policy Counters

TODO:

  • carefully review if we are not trying to log counters for cases when exception policies are not valid (such as specific situations in IDS or IPS).
  • figure out how to apply same logic used for other stats counters for per-app-proto app-layer error exception policy stats
  • better align stats.log - as the new counters size character is longer than what we currently have in the stats
  • update the json.schema to include delta counters
  • fix commit history

jufajardini avatar Feb 12 '24 00:02 jufajardini

ERROR: ERROR: ASAN TEST FAIL in ASAN_TLPR1_suri QA test

ERROR: QA failed on ASAN_TLPR1_suri.

Pipeline 18332

suricata-qa avatar Feb 12 '24 00:02 suricata-qa

Followed by: https://github.com/OISF/suricata/pull/10527

jufajardini avatar Feb 28 '24 19:02 jufajardini