Project

General

Profile

Bug #317

alert.impact unable to create path

Added by over 15 years ago. Updated about 15 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Target version:
Start date:
Due date:
% Done:

0%

Resolution:
fixed

Description

Hi,

I'm using prelude-correlator and I having problems setting up brute-force attack.

18 Sep 16:08:52 (process:9522) ERROR: LUA error on 'brute_force': /usr/local/share/prelude-correlator/lua/lib.lua:54: set(alert.impact.severity): unable to create path: Unknown IDMEF child 'impact'. (lua.c:148 lua_run)

in the code:

ctx:set("alert.impact.severity", "high")

impact.description is also getting errors

brute-force_impact.patch View (747 Bytes) Pierre Chifflier, 09/19/2008 09:53 AM

History

#1 Updated by Pierre Chifflier over 15 years ago

Hi,

From an IDMEF point of view, impact is a child of assessment (not alert), so the rule should use "alert.assessment.impact.severity".

Could you try the attached patch ?

Pierre

#2 Updated by Yoann VANDOORSELAERE over 15 years ago

  • Status changed from New to Closed
  • Resolution set to fixed

Thanks for reporting the issue, it has already been solved as of r10805.
Regards,

#3 Updated by over 15 years ago

Hi,

I tried myself that yesterday and was not working, I will later post the error here.

Regards,

Rui

#4 Updated by Yoann VANDOORSELAERE about 15 years ago

  • Project changed from PRELUDE SIEM to Prelude Correlator
  • Category deleted (11)
  • Target version deleted (91)

Also available in: Atom PDF