Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add ignore codetype #255

Merged
merged 4 commits into from
Jun 23, 2023
Merged

add ignore codetype #255

merged 4 commits into from
Jun 23, 2023

Conversation

0x25
Copy link
Contributor

@0x25 0x25 commented Jun 19, 2023

allows to ignore logtype (3000,4000, ...) in opencanary.conf to limit alerts.

jayjb
jayjb requested changes Jun 21, 2023
View reviewed changes
Copy link
Contributor

@jayjb jayjb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks so much for the PR @0x25! We really appreciate you taking an interest. Please can you check my suggestions and let me know if there is anything that is unclear

opencanary/logger.py
@@ -153,6 +153,7 @@ def __init__(self, config, handlers, formatters={}):

# Check if ignorelist is populated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we clean this up a little please. And change the below to:

       self.ip_ignorelist = config.getVal('ip.ignorelist', default='')
       self.logtype_ignorelist = config.getVal('logtype.ignorelist', default='')

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

change done on both (ip and logtype)

opencanary/logger.py Outdated
# Log only if not in ignorelist
notify = True
if 'src_host' in logdata:
for ip in self.ignorelist:
if check_ip(logdata['src_host'], ip) == True:
notify = False
break

if 'logtype' in logdata:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

if 'logtype' in logdata and logdata['logtype'] in self.logtype_ignorelist:

Copy link
Contributor Author

@0x25 0x25 Jun 21, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

change done on logtype test condition and add ip_ to ignorelist at line 172

jayjb
jayjb requested changes Jun 23, 2023
View reviewed changes
Copy link
Contributor

@jayjb jayjb left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sorry last small change please

opencanary/logger.py Outdated
@@ -152,7 +152,8 @@ def __init__(self, config, handlers, formatters={}):
exit(1)

# Check if ignorelist is populated
self.ignorelist = config.getVal('ip.ignorelist', default='')
self.ip_ignorelist = config.getVal('ip.ignorelist', default='')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

can we change to default=[] so that it is a list as we expect

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

your welcome
done

@jayjb
Copy link
Contributor

jayjb commented Jun 23, 2023

Hey @0x25,

Thanks again for the PR. We really appreciate folks contributing and helping out. Would you mind emailing me at jay [at] thinkst [dot] com please? We would like to send you something for your troubles.

@jayjb jayjb merged commit 31d927a into thinkst:master Jun 23, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jayjb jayjb jayjb approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@0x25 @jayjb