Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

"--stats scan" gives misleading statistics (analyze is fine) #648

Closed
tstromberg opened this issue Nov 19, 2024 · 1 comment
Closed

"--stats scan" gives misleading statistics (analyze is fine) #648

tstromberg opened this issue Nov 19, 2024 · 1 comment
Assignees
@egibs

Comments

@tstromberg
Copy link
Collaborator

When you use --stats with scan, you can't get an idea of your hit rate as HIGH+CRIT always totals 100%. My guess is that it's because we drop misses before stat generation.

For example:

📊 Statistics
---
Files Scanned   10781 (0 skipped)
Total Risks     10781
---
⚠️  Risk Level Percentage
---
Risk Level    Percentage Count/Total
4/CRIT            89.46% 9645/10781
3/HIGH            10.54% 1136/10781
---
Number of behaviors      15758
@egibs egibs self-assigned this Nov 19, 2024
@egibs
Copy link
Member

egibs commented Nov 19, 2024

Yep, we return an empty file report in report.Generate when running a scan:

if c.Scan && overallRiskScore < HIGH {
	return malcontent.FileReport{}, nil
}

I'll reason about a fix for this.

@egibs egibs mentioned this issue Nov 19, 2024
Merged
@egibs egibs closed this as completed Nov 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@egibs egibs

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@tstromberg @egibs