-
Notifications
You must be signed in to change notification settings - Fork 1.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Negative Integer Bug #13425
Comments
I'm not sure how to change the label. Sorry about that. |
Hi @ozinfotech I hope you are well! It's good that you write us here! Based on the library we use to manage json (cJSON), the maximum level of precision is 53 bits, this is due to a backward compatibility. As for the .000000, this is because any number greater than 2^31 will be interpreted as a double, so the sample will be an IEEE float. DaveGamble/cJSON#151 Is there a possibility that this number comes as a string? |
I've tried to convert it to a string from the hashtable in PowerShell, but it is beyond my capabilities at the moment. I'll keep working on it. What you mentioned makes sense. |
Got it switched to a string. Thanks again! |
Description
I am running a logtest (/var/ossec/bin/wazuh-logtest) to verify that json is imported properly. One of the json pairs has a large negative integer that doesn't keep its original value after decoding. It goes through pre-decoding fine.
I've tried with three different tests of the value:
All three return the following value (which is also -2^63):
Service/Product/Module
wazuh-logtest
Errors/Improvements
Current results
Expected results
Keywords: '-9223372036854775807'
Resources
Log source / integration
These are DNS logs from a Windows DNS server, saved in json format.
Log reference
This is a different log, but same format. The other was purged during maintenance.
Log examples
These have all been converted to one line to paste into wazuh-logtest.
Threats and compliance
N/A
The text was updated successfully, but these errors were encountered: