If you need resistor BD on mysql this example setup file could help us

It seems like the resinjector can not accept pidfile/config/logs/socket parámeters needed to be as standar as we can on all our generated binaries

root@snmpcoldev01:~# /usr/sbin/resinjector --pidfile=${PID_FILE} --config=${CONF_FILE} --logs=${LOG_DIR} --socket=${SOCK_FILE}
ERRO[2018-07-04 08:57:16] Fatal error config file: Config File "config" Not Found in "[/root/conf /root]" 

When looking for measurmenets, sometimes there are duplicated names on difernet databases ( by example on productión and testing databases that conatins the same measurement name but perhaps diferent tags/fiels.

Should be able to filter measurment names as well as database names...

Hi,

The actual loop is retrieving all device stats in decreasing order and it will remain with the most restrictive one.
The differents parameters are overwritted on each bucle.

If the rules are ordered, I'm not quite sure if we could re-invert the order and keep only the most restrictive one.

• What Resistor version are you using?
  MASTER

• What OS are you running resistor on?
  Linux FEDORA 27
  npm --version
  5.5.1
  node --version
  v8.9.1

• What did you do?
  npm install

• What was the expected result?
  install all package depencies

• What happened instead?
  npm install
  npm ERR! code ETARGET
  npm ERR! notarget No matching version found for [email protected]
  npm ERR! notarget In most cases you or one of your dependencies are requesting
  npm ERR! notarget a package version that doesn't exist.
  npm ERR! notarget
  npm ERR! notarget It was specified as a dependency of 'resistor'
  npm ERR! notarget

Hello,

I am writing to report a potential Regular Expression Denial of Service (ReDoS) vulnerability or Inefficient Regular Expression in the project. This issue arises when specially crafted input strings are used in the context of distributed, high-volume requests, potentially leading to a denial-of-service attack.

Location of Issue:

The vulnerability is related to a regular expression used in the following validation file, which may result in significantly prolonged execution times under certain conditions.

PoC Files and Comparisons:

// Proof of concept
filename := os.Args[1]
content, err := ioutil.ReadFile(filename)
re := regexp.MustCompile("(?s)<(?:style|script)[^<>]*>.*?</(?:style|script)>|</?[a-z][a-z0-9]*[^<>]*>|<!--.*?-->")
re.ReplaceAllString(string(content), "")

PoC Files Here:
poc.zip

To evaluate the performance of this inefficient regular expression matching with varying input contents, the following commands can be executed within the PoC folder:

time ./poc AttackString10MB.txt
# real    72m38.173s
# user    72m30.083s
# sys     0m5.653s
time ./poc RandomString10MB.txt
# real    0m0.029s
# user    0m0.016s
# sys     0m0.026s
time ./poc AttackString1MB.txt
# real    0m54.028s
# user    0m53.917s
# sys     0m0.088s
time ./poc RandomString1MB.txt
# real    0m0.011s
# user    0m0.007s
# sys     0m0.011s

The significant difference in processing time between random strings and malicious strings highlights the potential effectiveness of this regex for malicious exploitation. And as string length grows, the nonlinear increase in processing time reflects potentially greater risks.

Proposed Solution:

A possible mitigation strategy could include limiting the input length to prevent excessive processing times. If the corresponding function or feature is not in use, it is recommended to clean up risky third-party packages or code content to prevent malicious exploitation through methods such as code injection.

Additional Considerations:

Historically, it was believed that using regex engines with non-backtracking implementations (such as those in Rust or Go) would not lead to ReDoS vulnerabilities. However, recent studies have shown that this is not always the case. I recommend an assessment of how this issue might impact this project.

Thank you for your attention to this matter. Your evaluation and response to this potential security concern would be greatly appreciated.

Best regards,

Code is not ready to execute the UDF module without or wrong parameters.

developer@snmpcoldev01:~/src/gospace/src/github.com/toni-moreno/resistor$ bin/resInjector 
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x50 pc=0x6a1acc]

goroutine 4 [running]:
github.com/toni-moreno/resistor/vendor/github.com/go-xorm/xorm.(*Engine).autoMapType(0x0, 0xa27600, 0xc42019e120, 0x199, 0x0, 0x0, 0x0)
	/home/developer/src/gospace/src/github.com/toni-moreno/resistor/vendor/github.com/go-xorm/xorm/engine.go:786 +0x8c
github.com/toni-moreno/resistor/vendor/github.com/go-xorm/xorm.(*Statement).setRefValue(0xc42019a258, 0xa27600, 0xc42019e120, 0x199, 0xc42019e120, 0x199)
	/home/developer/src/gospace/src/github.com/toni-moreno/resistor/vendor/github.com/go-xorm/xorm/statement.go:212 +0x73
github.com/toni-moreno/resistor/vendor/github.com/go-xorm/xorm.(*Session).Find(0xc42019a240, 0x96f380, 0xc42000c5a0, 0x0, 0x0, 0x0, 0x0, 0x0)
	/home/developer/src/gospace/src/github.com/toni-moreno/resistor/vendor/github.com/go-xorm/xorm/session_find.go:44 +0x1019
main.reloadDbData(0x0, 0x0)
	/home/developer/src/gospace/src/github.com/toni-moreno/resistor/pkg/udf/resInjector.go:581 +0x200
main.startRefreshProc()
	/home/developer/src/gospace/src/github.com/toni-moreno/resistor/pkg/udf/resInjector.go:597 +0x12a
created by main.main
	/home/developer/src/gospace/src/github.com/toni-moreno/resistor/pkg/udf/resInjector.go:638 +0x22e

Error when trying to create a task with custom lambda expression.

Hi,

Actually the range time is passed by Alert configurations, so the alert is defined with a fixed time range.
It doesn't allow the user to set up a filter based on the time range, so the user has to create several alert with different time ranges and its filters

Could be nice if an alert could trigger a jenkins job witch can do related service recovery actions.. like remote script execution

The form doen't check if user has admin privileges and after wont be able to import catalog

It seems like resistor is not able to send logs to the file and does on stdout instead.

root@snmpcoldev01:/usr/share# systemctl status resistor
● resistor.service - Resistor Agent
   Loaded: loaded (/usr/lib/systemd/system/resistor.service; enabled)
   Active: active (running) since jue 2018-07-05 08:49:29 CEST; 1min 14s ago
     Docs: http://github.com/toni-moreno/resistor
 Main PID: 10062 (resistor)
   CGroup: /system.slice/resistor.service
           └─10062 /usr/sbin/resistor --pidfile= --config=/etc/resistor/resistor.toml --logs=/var/log/resistor --home= --data=/var/lib/resistor

jul 05 08:49:29 snmpcoldev01 systemd[1]: Started Resistor Agent.
jul 05 08:49:29 snmpcoldev01 resistor[10062]: time="2018-07-05 08:49:29" level=error msg="influxdb write error:  {\"error\":\"authorizati...iled\"}"
jul 05 08:49:59 snmpcoldev01 resistor[10062]: time="2018-07-05 08:49:59" level=error msg="influxdb write error:  {\"error\":\"authorizati...iled\"}"
jul 05 08:50:29 snmpcoldev01 resistor[10062]: time="2018-07-05 08:50:29" level=error msg="influxdb write error:  {\"error\":\"authorizati...iled\"}"
Hint: Some lines were ellipsized, use -l to show in full.
root@snmpcoldev01:/usr/share# tail -f /var/log/resistor/
http_access.log  resinjector.log  
root@snmpcoldev01:/usr/share# ls -l /var/log/resistor/
total 4
-rw-r----- 1 resist resist    0 jul  5 08:49 http_access.log
-rw-r--r-- 1 resist resist 2900 jul  5 08:48 resinjector.log

This FR will enable an acoustic alert on the browser

Would be nice if version info could be also added to the udf binary.

developer@snmpcoldev01:~/src/gospace/src/github.com/toni-moreno/resistor$ ./bin/resInjetor -version
flag provided but not defined: -version
Usage of ./bin/resInjetor:
  -socket string
    	Where to create the unix socket (default "/tmp/resInjector.sock")

Resistor 0.5.8.
Process:
-Create a task in Resistor.
-Resistor automatically assigns the internal IP of the Resistor Docker to the task as the response address.
-If Resistor Docker IP changes for any reason, the tasks that have the old IP of the Resistor Docker, can not send information to Resistor as can be seen in Kapacitor logs:

ts=2018-10-04T09:03:52.678Z lvl=error msg="failed to POST alert data" service=httppost task=LB-OS_LINUX-CPU-001 err="Post http://172.18.0.10:6090/api/rt/kapfilter/alert/Slack,httppost,logging: dial tcp 172.18.0.10:6090: connect: connection refused"

Resistor version: 0.6.7
OS: Debian 9.1

Description of resistor software isn't enough clear for me, so I decided to give it try.

Unfortunately during build (npm run build:prod - BTW there is typo in README.md - should be :pro->:prod) I get:
pkg/webui/apirt-kapfilter.go:175: cannot convert *prevalevt (type config.AlertEvent) to type config.AlertEventHist

No idea how to fix it. :( Is it possible to share resistor as deb package?

Best regards,
Wiktor