data directive in scenario do not load local file in memory
Hello, I created a dummy scenario to import local data file (with a list of IPs) but it seems to not be loaded in memory.
I use the imported file with the File() function in filters section of profiles.yaml:
It worked for a couple of months but I realized it do not work anymore.
Here is the dummy scenario:
Here is the debug log:
I use the imported file with the File() function in filters section of profiles.yaml:
filters:
- Alert.Remediation == true && Alert.GetScope() == "Ip" && Alert.GetValue() in File("importtrustedip.txt")filters:
- Alert.Remediation == true && Alert.GetScope() == "Ip" && Alert.GetValue() in File("importtrustedip.txt")It worked for a couple of months but I realized it do not work anymore.
Here is the dummy scenario:
name: gcustom/importtrustedip
description: "Mandatory to notify when when trusted ip get banned"
data:
- dest_file: importtrustedip.txt
type: stringname: gcustom/importtrustedip
description: "Mandatory to notify when when trusted ip get banned"
data:
- dest_file: importtrustedip.txt
type: stringHere is the debug log:
time="2025-08-12T12:50:06+02:00" level=error msg="file 'importtrustedip.txt' (type:string) not found in expr library"
time="2025-08-12T12:50:06+02:00" level=error msg="expr library : (map[string][]string) {\n}\n"
time="2025-08-12T12:50:06+02:00" level=debug msg="dbg(result=false): Alert.Remediation == true && Alert.GetScope() == \"Ip\" && Alert.GetValue() in File(\"importtrustedip.txt\")" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [true] " name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [== true] true == true -> [true]" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [&&] AND -> true" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [== \"Ip\"] \"Ip\" == \"Ip\" -> [true]" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [&&] AND -> true" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [File(\"importtrustedip.txt\")] File(\"importtrustedip.txt\") = []" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [in File(\"importtrustedip.txt\")] \"135.233.112.24\" in [] -> false" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg="Profile ban_meraki filter is unsuccessful" name=ban_meraki type=profiletime="2025-08-12T12:50:06+02:00" level=error msg="file 'importtrustedip.txt' (type:string) not found in expr library"
time="2025-08-12T12:50:06+02:00" level=error msg="expr library : (map[string][]string) {\n}\n"
time="2025-08-12T12:50:06+02:00" level=debug msg="dbg(result=false): Alert.Remediation == true && Alert.GetScope() == \"Ip\" && Alert.GetValue() in File(\"importtrustedip.txt\")" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [true] " name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [== true] true == true -> [true]" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [&&] AND -> true" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [== \"Ip\"] \"Ip\" == \"Ip\" -> [true]" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [&&] AND -> true" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [File(\"importtrustedip.txt\")] File(\"importtrustedip.txt\") = []" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg=" [in File(\"importtrustedip.txt\")] \"135.233.112.24\" in [] -> false" name=ban_meraki type=profile
time="2025-08-12T12:50:06+02:00" level=debug msg="Profile ban_meraki filter is unsuccessful" name=ban_meraki type=profile
