crowdsec icon indicating copy to clipboard operation
crowdsec copied to clipboard
verified publisher icon crowdsecurity

logging in the email plugin is buggy

Open sabban opened this issue 3 years ago • 0 comments

What happened?

The logger name in the email plugin uses a global that is constantly changed when notifying, leading to weird naming in the logs:

time="20-07-2022 10:17:37" level=info msg="sent email to [[email protected]]" @module=email-plugin.email_default1.email_default.email_default1.email_default.email_default.email_default1.email_default.email_default1.email_default1.email_default.email_default.email_default1.email_default1.email_default

This is obtained when using two email plugins at the same time (email_default and email_default1. On top of that, the logger is another library than the one used in CrowdSec. This should be changed.

What did you expect to happen?

Logging should work with a real plugin type+name

How can we reproduce it (as minimally and precisely as possible)?

Using two instances of the email plugin at the same time.

Anything else we need to know?

No response

Crowdsec version

❯ crowdsec -version
2022/07/20 11:12:38 version: v1.4.0-rc5-debian-pragmatic-24b1a99c42f16cb0e937406d90a54f0fbad3e7bd
2022/07/20 11:12:38 Codename: alphaga
2022/07/20 11:12:38 BuildDate: 2022-07-13_10:25:27
2022/07/20 11:12:38 GoVersion: 1.17.5
2022/07/20 11:12:38 Platform: linux
2022/07/20 11:12:38 Constraint_parser: >= 1.0, <= 2.0
2022/07/20 11:12:38 Constraint_scenario: >= 1.0, < 3.0
2022/07/20 11:12:38 Constraint_api: v1
2022/07/20 11:12:38 Constraint_acquis: >= 1.0, < 2.0

OS version

# On Linux:
$ cat /etc/os-release
# paste output here
$ uname -a
# paste output here

# On Windows:
C:\> wmic os get Caption, Version, BuildNumber, OSArchitecture
# paste output here

Enabled collections and parsers

$ cscli hub list -o raw
# paste output here

Acquisition config

```console # On Linux: #Generated acquisition file - wizard.sh (service: sshd) / files : /var/log/auth.log filenames: - /var/log/auth.log labels: type: syslog --- #Generated acquisition file - wizard.sh (service: linux) / files : /var/log/syslog /var/log/messages filenames: - /var/log/syslog - /var/log/messages labels: ty # paste output here

On Windows:

C:> Get-Content C:\ProgramData\CrowdSec\config\acquis.yaml

paste output here

Config show

❯ cscli config show
Global:
   - Configuration Folder   : /etc/crowdsec
   - Data Folder            : /var/lib/crowdsec/data
   - Hub Folder             : /etc/crowdsec/hub
   - Simulation File        : /etc/crowdsec/simulation.yaml
   - Log Folder             : /var/log/
   - Log level              : info
   - Log Media              : file
Crowdsec:
  - Acquisition File        : /etc/crowdsec/acquis.yaml
  - Parsers routines        : 1
cscli:
  - Output                  : human
  - Hub Branch              : 
  - Hub Folder              : /etc/crowdsec/hub
Local API Server:
  - Listen URL              : 192.168.10.1:8080
  - Profile File            : /etc/crowdsec/profiles.yaml
  - Trusted IPs: 
  - Database:
      - Type                : sqlite
      - Path                : /var/lib/crowdsec/data/crowdsec.db
      - Flush age           : 7d
      - Flush size          : 5000

# paste output here

Prometheus metrics

non relevant

Related custom configs versions (if applicable) : notification plugins, custom scenarios, parsers etc.

sabban avatar Jul 20 '22 11:07 sabban