Snyk integration - Decoders
37 views
Skip to first unread message
Vera
Apr 22, 2024, 3:00:54 PM4/22/24
to Wazuh | Mailing List
Hello everyone,
I am integrating Snyk with Wazuh.
This is the way it is executed:
The command "snyk code test" is executed -> A decoder extracts the information -> A rule is triggered and the information appears on the Wazuh dashboard.
The whole system works fine and the data is extracted correctly, but I have encountered a problem, which I have not been able to solve.
For example, when executing the Snyk command, I have these logs:
" ✗ [Low] Use of Password Hash With Insufficient Computational Effort.
Path: node_modules/bl/test/test.js, line 511
Info: md5 hash (used in crypto.createHash) is insecure. Consider changing it to a secure hashing algorithm.
✗ [Low] Use of Password Hash With Insufficient Computational Effort
Path: node_modules/bl/test/test.js, line 512
Info: md5 hash (used in crypto.createHash) is insecure. Consider changing it to a secure hashing algorithm."
I'm trying to add both "titles" (i.e. the [Importance] Title line) in the above examples, but only the first title is reflected. Could you guide me on how to concatenate the RegExp matches?
This is the way it is executed:
The command "snyk code test" is executed -> A decoder extracts the information -> A rule is triggered and the information appears on the Wazuh dashboard.
The whole system works fine and the data is extracted correctly, but I have encountered a problem, which I have not been able to solve.
For example, when executing the Snyk command, I have these logs:
" ✗ [Low] Use of Password Hash With Insufficient Computational Effort.
Path: node_modules/bl/test/test.js, line 511
Info: md5 hash (used in crypto.createHash) is insecure. Consider changing it to a secure hashing algorithm.
✗ [Low] Use of Password Hash With Insufficient Computational Effort
Path: node_modules/bl/test/test.js, line 512
Info: md5 hash (used in crypto.createHash) is insecure. Consider changing it to a secure hashing algorithm."
I'm trying to add both "titles" (i.e. the [Importance] Title line) in the above examples, but only the first title is reflected. Could you guide me on how to concatenate the RegExp matches?
Jose Camargo
Apr 22, 2024, 7:15:21 PM4/22/24
to Wazuh | Mailing List
Hi Vera,
To clarify, do you mean that these logs are not being decoded correctly? Are they not decoded at all? What do you mean by "concatenate the RegExp matches"?
Can you please attach here the decoders you use and some extra sample logs so we can better understand how these logs look like (if you can add some samples from the logs that do work, that'll be better).
I'll be awaiting your comments.
Regards,
Jose
Reply all
Reply to author
Forward
0 new messages