TechQA.

Serilog.Expressions how to use the wildcard indexing (any) operator on a dictionary

107 views Asked by At

I'm using Serilog.Expressions (3.4.0) to try to filter SQL injection attacks appearing in the query string. I've enriched the log event with the query string as a dictionary. It appears in my output as:

QueryString: {
    someKey: "UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL#"
}

I can successfully filter by specifying the key:

QueryString['someKey'] like '%UNION ALL SELECT%' ci

However, if I change the index to the "any" wildcard, the expression no longer matches the log event:

QueryString[?] like '%UNION ALL SELECT%' ci

Am I doing something wrong, or is this not supported?

c# serilog serilog-expressions
Original Q&A
0

There are 0 answers

Related Questions in C#

Related Questions in SERILOG

Related Questions in SERILOG-EXPRESSIONS

Popular Questions

Popular Tags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json python-3.x ruby-on-rails .net sql-server swift django angular objective-c pandas excel

Trending Questions