Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Allow to filter alerts based on alert ref

See original GitHub issue

For CSP we have the following vulnerabilities specified.

Reported Rule ID	CSP-ID	Rule description
10055	10055	CSP
10055	10055-1	CSP: X-Content-Security-Policy
10055	10055-2	CSP: X-WebKit-CSP
10055	10055-3	CSP: Notices
10055	10055-4	CSP: Wildcard Directive
10055	10055-5	CSP: script-src unsafe-inline
10055	10055-6	CSP: style-src unsafe-inline
10055	10055-7	CSP: script-src unsafe-hashes
10055	10055-8	CSP: style-src unsafe-hashes
10055	10055-9	CSP: Malformed Policy (Non-ASCII)

When I attempt to configure an alert filter I’m provided with the following options (where CSP is rule id 10055):

Currently, I cannot find a way to add a filter to one of the sub-rules because they all share Rule ID 10055 and provide no way for me to differentiate in the alert rules.

ContentSecurityPolicyScanRule.java

Should these all have unique Rule ID’s? Or maybe we could set the attack type here as alertRef? This might provide a way for users to define alert filters specific to each rule type.

Issue Analytics

State:
Created a year ago
Reactions:1
Comments:7 (6 by maintainers)

Top GitHub Comments

1reaction

kingthorincommented, Sep 7, 2022

I’m curious why these are grouped these like this while Cookies vulnerabilities all have their own unique Rule ID?

Just depends how things were built.

@kingthorin If we could migrate to use rule-id’s with hyphens and include all the rules in the Alert Type pull down that would be great. I didn’t check the type, but suspect its an integer.

Ya that’s what I was suggesting 😀

0reactions

kingthorincommented, Sep 11, 2022

Well if we did it as a text field and checkbox like others then it would allow different batching/grouping with regex which might be easier? Or a separate multi-select combo?

I dunno there are lots of options. I’m just not sure what’s best.

Top Results From Across the Web

Alerts on Document Library filter by user

The correct way of filtering on user Column is : newAlert.Filter = "<Query><Neq><FieldRef Name=\"Author/New\" /><Value type=\"Text\">" + userFilter + ...

Alert processing rules - Azure Monitor - Microsoft Learn

Scope and filters for alert processing rules ; Monitor service, The rule applies only to alerts from any of the specified monitoring services ......

Regular expressions for customizing and filtering alerts

Learn how to use regular expressions when filtering in Opsgenie and view sample definitions.

How to Create an Alert on List View in SharePoint?

You can Create Alert using PowerShell and specify “Filter” for the alert. E.g. Content Type $Alert.Filter = “<Query><Eq><FieldRef Name=' ...

Configure filters for automatic alert groups - ServiceNow Docs

Filter alerts and alert groups to reduce alert noise. Only alerts that match the filter are included in the group of the selected...