Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

app-protect-log-level does not set app-protect log level correctly #5872

Closed
dvelben opened this issue Jun 27, 2024 · 4 comments
Closed

app-protect-log-level does not set app-protect log level correctly #5872

dvelben opened this issue Jun 27, 2024 · 4 comments
Labels
in review Gathering information

Comments

@dvelben
Copy link

dvelben commented Jun 27, 2024
edited

Describe the bug
AppProtect logs in NOTICE level even FATAL is set.

To Reproduce
Deploy Ingress Controller 3.5.2, run with following args:
args:
- -nginx-configmaps=$(POD_NAMESPACE)/nginx-ingress
- -nginx-plus=true
- -enable-app-protect=true
- -enable-app-protect-dos=false
- -enable-snippets=true
- -enable-prometheus-metrics=true
- -enable-latency-metrics=true
- -external-service=nginx-ingress-controller
- -report-ingress-status=true
- -app-protect-log-level=fatal

Expected behavior
Only get FATAL logs from app protect but NOTICE are received too.

nginx-ingress BD_MISC|NOTICE|Jun 27 07:52:19.697|0021|/builds/6x631E1L/0/waf/waf-general/secore/bd/bd/main.c:1293|Build time version: [11.48.0], major API version: [11]

During start up, it is logged:

nginx-ingress New module: IO_PLUGIN
nginx-ingress New level: TS_CRIT
nginx-ingress New file num: 2
nginx-ingress New module: BD_MISC
nginx-ingress New level: TS_CRIT
nginx-ingress New file num: 2
nginx-innginx-ingress New level: TS_CRIT
nginx-ingress New file num: 2 
nginx-ingress New ALL module: ALL
nginx-ingress New ALL level: TS_NOTICE
nginx-ingress New ALL level: TS_CRIT
nginx-ingress New ALL level: TS_ERR
nginx-ingress New ALL level: TS_WARNING                                                                                                                                                                           nginx-ingress New ALL file num: 2

So it seems last TS_NOTICE to ALL is enabling NOTICE to BD_MISC too.

Your environment

  • 3.5.2
  • 1.27.13
  • AKS
  • NGINX Plus

Additional context
@github-actions GitHub Actions
Copy link

Hi @dvelben thanks for reporting!

Be sure to check out the docs and the Contributing Guidelines while you wait for a human to take a look at this 🙂

Cheers!

@haywoodsh
Copy link
Contributor

Thanks for reporting this issue. We will take a look at this issue and confirm if it is an Ingress Controller bug

@haywoodsh haywoodsh added the in review Gathering information label Jul 1, 2024
@vepatel
Copy link
Contributor

vepatel commented Jul 17, 2024

@dvelben thanks for you patience, we're still investigating and will let you know once we've an update

@pdabelf5
Copy link
Collaborator

pdabelf5 commented Aug 7, 2024

@dvelben We have confirmed this issue is a bug in NGINX App Protect WAF. We will close this Github issue, but request you log a support request via MyF5 relating to NGINX App Protect WAF to track the issue further.

@pdabelf5 pdabelf5 closed this as completed Aug 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
in review Gathering information
Projects
NGINX Ingress Controller
Archived in project
Milestone
No milestone
Development

No branches or pull requests
4 participants
@dvelben @haywoodsh @vepatel @pdabelf5