diff --git a/slips_files/common/idmefv2.py b/slips_files/common/idmefv2.py
index 3b78cefcb..a628992a1 100644
--- a/slips_files/common/idmefv2.py
+++ b/slips_files/common/idmefv2.py
@@ -162,12 +162,11 @@ def convert_to_idmef_alert(self, alert: Alert) -> Message:
 return msg
 except jsonschema.exceptions.ValidationError as e:
- # TODO should be logged using a module's print!
- print(f"IDMEFv2 Validation failure: {e} {e.message}")
+ self.print(f"Validation failure: {e} {e}", 0, 1)
 except Exception as e:
- print(f"Error in convert(): {e}")
- print(traceback.format_exc())
+ self.print(f"Error in convert(): {e}", 0, 1)
+ self.print(traceback.format_exc(), 0, 1)
 def is_icmp_code(self, code) -> bool:
 """checks if the given string is an icmp error code"""
@@ -308,9 +307,7 @@ def convert_to_idmef_event(self, evidence: Evidence) -> Message:
 return msg
 except jsonschema.exceptions.ValidationError as e:
- # TODO should be logged using a module's print!
- print(f"IDMEFv2 Validation failure: {e.message}")
-
+ self.print(f"Validation failure: {e}", 0, 1)
 except Exception as e:
- print(f"Error in convert_to_idmef_event(): {e}")
- print(traceback.format_exc())
+ self.print(f"Error in convert_to_idmef_event(): {e}", 0, 1)
+ self.print(traceback.format_exc(), 0, 1)
diff --git a/slips_files/core/database/redis_db/alert_handler.py b/slips_files/core/database/redis_db/alert_handler.py
index 47e5eaa8e..3bcf64638 100644
--- a/slips_files/core/database/redis_db/alert_handler.py
+++ b/slips_files/core/database/redis_db/alert_handler.py
@@ -158,6 +158,8 @@ def set_evidence(self, evidence: Evidence):
 """
 # create the profile if it doesn't exist
 self.add_profile(str(evidence.profile), evidence.timestamp)
+ # normalize confidence, should range from 0 to 1
+ evidence.confidence = min(evidence.confidence, 1)
 # Ignore evidence if it's disabled in the configuration file
 if self.is_detection_disabled(evidence.evidence_type):
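Review bot: The new `self.print(f"Validation failure: {e} {e}", 0, 1)` in the `ValidationError` branch of `convert_to_idmef_alert` interpolates the same exception twice, where the old line printed `{e}` and `{e.message}`. For jsonschema's `ValidationError`, `str(e)` is the long multi-line form that includes the failing schema fragment and the offending instance, so the log receives that dump twice and alert contents are copied into the log output. Consider `self.print(f"Validation failure: {e.message}", 0, 1)` for the one-line reason, keeping the full `{e}` only if the instance dump is actually wanted. The same choice applies to `self.print(f"Validation failure: {e}", 0, 1)` in the `convert_to_idmef_event` hunk, which previously printed only `e.message`. The function body begins outside the hunk.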
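Review bot: Both `except` branches of `convert_to_idmef_event` fall off the end after logging, so the method returns `None` on failure although the hunk header shows it annotated `-> Message`. Evidence that fails schema validation is therefore dropped from the IDMEF output, and the only trace is a message printed with `0, 1`, which looks like a debug-level print and may not be visible in a normal run (to be confirmed against the project's `print` levels). I would document this above the handlers, e.g. `# returns None when the evidence cannot be converted or fails validation; callers must check`, or widen the annotation to `Message | None`. The same applies to `convert_to_idmef_alert` in the previous hunk. The function body begins outside the hunk.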
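Review bot: The added `evidence.confidence = min(evidence.confidence, 1)` in `set_evidence` enforces only the upper end of the range its own comment states ("should range from 0 to 1"), so a negative confidence from a detection module is stored unchanged. If the value later feeds threat-level or alert-threshold arithmetic, a negative confidence could lower an accumulated score; clamp both ends with `evidence.confidence = max(0, min(evidence.confidence, 1))`. The assignment also silently rewrites the caller's `Evidence` object, so a debug message when clamping occurs would make a misbehaving module visible. `set_evidence` starts before and continues after the hunk.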
diff --git a/slips_files/core/evidencehandler.py b/slips_files/core/evidencehandler.py
index ee9a7ca1e..acf7cdcd9 100644
--- a/slips_files/core/evidencehandler.py
+++ b/slips_files/core/evidencehandler.py
@@ -148,7 +148,6 @@ def clean_file(self, output_dir, file_to_clean):
 def handle_unable_to_log(self):
 self.print("Error logging evidence/alert.")
- self.print(traceback.format_exc(), 0, 1)
 def add_alert_to_json_log_file(self, alert: Alert):
 """