Skip to content

[Bug] Missing Spaces Between Logic Operators Does Not Raise Error #2700

New issue
New issue
Open
#3789
Open
[Bug] Missing Spaces Between Logic Operators Does Not Raise Error#2700
#3789
Assignees
eric-forte-elastic
Labels
backlogbugSomething isn't workingkqlrelated to the kql modulepythonInternal python for the repository
@terrancedejesus

Description

@terrancedejesus
terrancedejesus
opened on Apr 5, 2023

Describe the bug

Related to #2692, it appears the original query passed validation from KQLValidator class methods when the rule was loaded. It should have failed because one of the logic operators was missing a space which is invalid for KQL.

"Test-ServiceDaclPermission" or"Update-ExeFunctions"

Testing

We should take the rule as it was before the fix locally and set a breakpoint in KQLValidator.validate within rule_validators.py. This should allow us to trace the parsing and validation to determine why it did not explicitly raise an error.

Metadata

Metadata

Assignees

Labels

backlogbugSomething isn't workingkqlrelated to the kql modulepythonInternal python for the repository

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions