我为将日志文件发送到不同位置而使用特定的Go实现感到困惑:
package main
func isDestinationSIEM(json_msg string, json_obj *jason.Object, siem_keys []string) (bool) {
if json_obj != nil {
dest, err := json_obj.GetString("destination")
if err == nil {
if strings.Contains(dest,"SIEM") {
return true
}
}
for _, key := range siem_keys {
if strings.Contains(json_msg, key) {
return true
}
}
}
return false
}
func sendToSIEM(siem_dst string, json_msg string) (error) {
// Create connection to syslog server
roots := x509.NewCertPool()
ok := roots.AppendCertsFromPEM([]byte(rootPEM))
if !ok {
fmt.Println("failed to parse root certificate")
}
config := &tls.Config{RootCAs: roots, InsecureSkipVerify: true}
conn, err := tls.Dial("tcp", siem_dst, config)
if err != nil {
fmt.Println("Error connecting SIEM")
fmt.Println(err.Error())
} else {
// Send log message
_, err = fmt.Fprintf(conn, json_msg)
if err != nil {
fmt.Println("Error sending SIEM message: ", json_msg)
fmt.Println(err.Error())
}
}
defer conn.Close()
return err
}
func main() {
// simplified code otherwise there would have been too much
// but the 'devil' is this for loop
for _, obj := range objects {
// first check
isSIEM := isDestinationSIEM(obj, siem_keys)
if isSIEM {
err := sendToSIEM(obj)
if err != nil {
// print error
}
isAUDIT:= isDestinationSIEM(obj)
if isAUDIT {
err := sendToAUDIT(obj)
if err != nil {
// print error
}
} // end of for
}
如果“if isSIEM”返回错误,则不会进行第二次检查“if isAUDIT”。
为什么是这样?如果返回错误,则循环是否从下一次迭代开始?
错误看起来像这样:
运行时错误:无效的内存地址或nil指针取消引用:errorString(列出了两个go包)
最佳答案
The error looks like this: runtime error: invalid memory address or nil pointer dereference: errorString (which lists a couple of go packages)
这意味着您捕获了
panic()
并且程序已停止,这也意味着您的圈子for
也已停止。这里详细说明如何处理紧急https://blog.golang.org/defer-panic-and-recover
关于for-loop - Go中for循环内的错误处理可能会导致下一次迭代,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/60900929/