[LogReport Development] bug report for the Fortigate DLF converter
Joost Bekkers
joost at jodocus.org
Tue Dec 30 15:17:32 CET 2008
Hi,
Currently, the fortigate dlf converter assumes all log rules are of type
traffic. This results in perl screaming about undefined variables when
something else (ie an "event") is in the log.
To fix this:
--- FortigateDlfConverter.pm.dist 2008-12-30 14:52:00.000000000 +0100
+++ FortigateDlfConverter.pm 2008-12-30 15:05:47.000000000 +0100
@@ -87,6 +87,9 @@
return $process->ignore_log_line($line)
unless $log->{content} =~ /devname=\w* device_id=\w*/;
+ return $process->ignore_log_line($line)
+ unless $log->{content} =~ / type=traffic /;
+
my %dlf = (
time => $log->{timestamp},
count => 1,
Greetz,
Joost Bekkers.
More information about the Development
mailing list