Skip to content

Commit

Permalink
Add to dump after postoverflow so we can test within hubtest (#2511)
Browse files Browse the repository at this point in the history
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
  • Loading branch information
LaurenceJJones and buixor authored Nov 28, 2023
1 parent 6a61b91 commit 05c1825
Showing 1 changed file with 8 additions and 7 deletions.
15 changes: 8 additions & 7 deletions cmd/crowdsec/output.go
Original file line number Diff line number Diff line change
Expand Up @@ -146,13 +146,6 @@ LOOP:
}
break LOOP
case event := <-overflow:
//if the Alert is nil, it's to signal bucket is ready for GC, don't track this
if dumpStates && event.Overflow.Alert != nil {
if bucketOverflows == nil {
bucketOverflows = make([]types.Event, 0)
}
bucketOverflows = append(bucketOverflows, event)
}
/*if alert is empty and mapKey is present, the overflow is just to cleanup bucket*/
if event.Overflow.Alert == nil && event.Overflow.Mapkey != "" {
buckets.Bucket_map.Delete(event.Overflow.Mapkey)
Expand All @@ -164,6 +157,14 @@ LOOP:
return fmt.Errorf("postoverflow failed : %s", err)
}
log.Printf("%s", *event.Overflow.Alert.Message)
//if the Alert is nil, it's to signal bucket is ready for GC, don't track this
//dump after postoveflow processing to avoid missing whitelist info
if dumpStates && event.Overflow.Alert != nil {
if bucketOverflows == nil {
bucketOverflows = make([]types.Event, 0)
}
bucketOverflows = append(bucketOverflows, event)
}
if event.Overflow.Whitelisted {
log.Printf("[%s] is whitelisted, skip.", *event.Overflow.Alert.Message)
continue
Expand Down

0 comments on commit 05c1825

Please sign in to comment.