crowdsec icon indicating copy to clipboard operation
crowdsec copied to clipboard
verified publisher icon crowdsecurity

Make `cscli hubtest -appsec` troubleshooting easier

Open buixor opened this issue 9 months ago • 2 comments

What would you like to be added?

Indicate the user if nginx isn't running

If one forgot to start the docker-compose to have nginx running, the error message is a bit cryptic:

 cscli --appsec run vpatch-CVE-2021-44529 --report-success
Error: unknown command "vpatch-CVE-2021-44529" for "cscli"
root@zeroed:/home/bui/github/crowdsec/hub# cscli hubtest --appsec run vpatch-CVE-2021-44529 --report-success
INFO Appsec tests can not run in parallel: setting max_jobs=1 
Running test 'vpatch-CVE-2021-44529'
Error: target is down: took more than 10s for 127.0.0.1:7822 to be available

We could point the user towards the fact that we didn't manage to reach nginx

Point out to the user if nuclei didn't run

If the user has an error in his nuclei template, no request will be made to the nginx server, making it harder to debug. We could display nuclei stderr/stdout to the user when it returns an error to provide some hints:

[INF] Current nuclei version: v3.1.7 (outdated)
[INF] Current nuclei-templates version: v10.1.6 (latest)
[WRN] Scan results upload to cloud is disabled.
[INF] New templates added in latest release: 78
[INF] Templates loaded for current scan: 1
[WRN] Executing 1 unsigned templates. Use with caution.
[INF] Targets loaded for current scan: 1
[WRN] [CVE-2024-3400] Could not execute request for http://127.0.0.1:7822/: net/http: invalid header field name "user=global&portal=global&authcookie=e51140e4-4ee3-4ced-9373-96160d68&domain=global&computer=global&client-ip=global&client-ipv6=global&md5-sum=global&gwHipReportCheck=global"
[INF] No results found. Better luck next time!

buixor avatar Apr 10 '25 13:04 buixor

@buixor: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

  1. Check Crowdsec Documentation to see if your issue can be self resolved.
  2. You can also join our Discord.
  3. Check Releases to make sure your agent is on the latest version.
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

github-actions[bot] avatar Apr 10 '25 13:04 github-actions[bot]

@buixor: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

  • /kind feature
  • /kind enhancement
  • /kind refactoring
  • /kind bug
  • /kind packaging
Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

github-actions[bot] avatar Apr 10 '25 13:04 github-actions[bot]