An error occurred during the analysis, we have been notified about bazaar HOT 5 CLOSED

Hi!

As far as I know, those are messages regarding issues in the analysis. There is some logging for administration purposes on the online version but nothing should leave your local instance.

But I think @U039b should know a bit more than me on that. 😁

from bazaar.

Thanks, are those errors logged somewhere? I'd like to see what I may have missed during the analysis.

from bazaar.

Hi!
This message indicates that the analysis may be incomplete.
In production, we use Sentry to collect errors. In local deployment, exceptions are printed out into the logs. Some steps like MalwareBazaar analysis fails and that's okay simply because Pithus was not able to retrieve the MalwareBazaar report which does not exist.
Analysis status is logged into the analysis_tasks ElasticSearch index and failed tasks are listed in the Django Q section of the administration panel.

from bazaar.

Hi,
it would be great to have a centralised point in the portal where you could see the errors encountered.
For Django, I can see it on the admin portal.
But for the elasticsearch, not sure where to go...
I can logon to Kibana on port 5601 and I can see the analysis_tasks in the elastic management tab but no data... is there a way to access those logs from the local Kibana portal?

from bazaar.

Errors are already centralized. Analysis statuses are logged (without traceback or so) into Elastic Search to determine if an analysis is finished or not. Each analysis step is handled by Django Q and failing tasks traceback is available in the admin panel. If a task fails, that does not mean that there is a bug.

Unhandled or special errors (lets say "critical errors") are reported into Sentry because those errors are most probably bugs.

from bazaar.