From: Riju <19.riju@gmail.com>
Date: Fri, 16 Oct 2020 20:37:13 +0000 (+0530)
Subject: logging: Improve flowbit logs
X-Git-Tag: 1.3.0rc1~38
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1ea732764cafdad1d37f82c8d1a3f9beddaae64a;p=thirdparty%2Fsuricata-update.git

logging: Improve flowbit logs

Add and update debug logs for flowbit requirements to display pass

Ticket #3205.
---

diff --git a/suricata/update/main.py b/suricata/update/main.py
index 22b9da1..4a1c569 100644
--- a/suricata/update/main.py
+++ b/suricata/update/main.py
@@ -627,13 +627,15 @@ def dump_sample_configs():
 def resolve_flowbits(rulemap, disabled_rules):
     flowbit_resolver = rule_mod.FlowbitResolver()
     flowbit_enabled = set()
+    pass_ = 1
     while True:
+        logger.debug("Checking flowbits for pass %d of rules.", pass_)
         flowbits = flowbit_resolver.get_required_flowbits(rulemap)
         logger.debug("Found %d required flowbits.", len(flowbits))
         required_rules = flowbit_resolver.get_required_rules(rulemap, flowbits)
         logger.debug(
-            "Found %d rules to enable to for flowbit requirements",
-            len(required_rules))
+            "Found %d rules to enable for flowbit requirements (pass %d)",
+            len(required_rules), pass_)
         if not required_rules:
             logger.debug("All required rules enabled.")
             break
@@ -645,6 +647,7 @@ def resolve_flowbits(rulemap, disabled_rules):
             rule.enabled = True
             rule.noalert = True
             flowbit_enabled.add(rule)
+        pass_ = pass_ + 1
     logger.info("Enabled %d rules for flowbit dependencies." % (
         len(flowbit_enabled)))