[Bug]: empty json-ocsf output in 4.1.0
djinnert opened this issue · comments
Steps to Reproduce
Command ran:
python prowler.py aws -R arn:aws:iam::[accountid]:role/[role] -M json-ocsf json-asff csv
NOTE: Issue isn't present in 3.16.3 but is in 4.1.0
It generates an empty JSON-OCSF with only [].
This doesn't occur in 3.16.3 only in 4.x
Prior bug seen in 3.x that was fixed: #3018 and possibly was reintroduced in the 4.x code.
Expected behavior
The -M json-ocsf should not generate an empty json-ocsf file
Actual Result with Screenshots or Logs
Command: python prowler.py aws -R arn:aws:iam::[accountid]:role/[priv-role] --compliance aws_foundational_security_best_practices_aws -M json-ocsf json-asff csv -F test2-4.1.0
How did you install Prowler?
Cloning the repository from github.com (git clone)
Environment Resource
Ubuntu VM
OS used
Ubuntu
Prowler version
Prowler 4.1.0 (You are running the latest version, yay!)
Pip version
pip 23.2.1
Context
No response
Hi! @djinnert We are investigating this issue, I'll reach you when the solution is found. Thanks for the report and using Prowler!! 😄
Hi! @djinnert I'm not able to reproduce your issue. Could you please share with me the log using the log-file <filename> flag? Thanks!
@pedrooot I did a log-level ERROR and attached it
prowler-error.log
.
Hi @pedrooot I did some additional testing to ensure it wasn't something specific on my install but the same issue with [] in the contents and same error log.
I tried a fresh system with gitlab clone - json-ocsf contains only []
Also tried with the latest docker container - json-ocsf contains only []
If there is anything I can do to help or provide, let me know.
Thanks @djinnert we finally found the bug and it's expected to be fixed today!