log_format_utils/generate_logformat_regex special characters usage: ( and ) #63

@ernstleierzopf

In `DetectMateService/demo/config/parser_config.yaml` the corrected log_format should be `log_format: "type=<Type> msg=audit(<Time>:*): <Content>"`. However, the `log_format_utils/generate_logformat_regex` method treats `(` and `)` as regex groups, and therefore the following config needs to be used: `log_format: "type=<Type> msg=audit\\(<Time>:*\\): <Content>"`.

I argue that this is not intended and that regex groups are not necessary when using the templates.

Therefore, `(` and `)` should be escaped in this method, as users do not expect this behavior.
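The behaviour described in this issue, as an added sketch that is not DetectMate's code: the function below is a hypothetical stand-in that assumes the template is split on `<Name>` placeholders and the literal text between them is passed to the regex engine unchanged. The `escape_parens` flag and the audit line are constructed for illustration.

```python
import re

PLACEHOLDER = re.compile(r"(<[^<>]+>)")
UNESCAPED_PAREN = re.compile(r"(?<!\\)([()])")


def generate_logformat_regex(log_format, escape_parens):
    """Hypothetical stand-in: turn a <Name> template into a compiled regex."""
    headers, pattern = [], ""
    for i, part in enumerate(PLACEHOLDER.split(log_format)):
        if i % 2:  # odd parts are the <Name> placeholders
            name = part[1:-1]
            headers.append(name)
            pattern += f"(?P<{name}>.*?)"
        else:
            if escape_parens:
                # Escape only parentheses that are not already escaped, so
                # configs that carry the \( workaround keep working.
                part = UNESCAPED_PAREN.sub(r"\\\1", part)
            pattern += part
    return headers, re.compile("^" + pattern + "$")


def parse(line, log_format, escape_parens):
    """Return the named fields for one log line, or None if it does not match."""
    _, regex = generate_logformat_regex(log_format, escape_parens)
    match = regex.match(line)
    return match.groupdict() if match else None


# Constructed sample input, not taken from the project.
SAMPLE = "type=SYSCALL msg=audit(1364481363.243:24287): arch=c000003e syscall=2"
FMT = "type=<Type> msg=audit(<Time>:*): <Content>"
# Value of the workaround config after YAML unescapes "\\(" to "\(".
FMT_WORKAROUND = r"type=<Type> msg=audit\(<Time>:*\): <Content>"

if __name__ == "__main__":
    print("unescaped :", parse(SAMPLE, FMT, escape_parens=False))
    print("escaped   :", parse(SAMPLE, FMT, escape_parens=True))
    print("workaround:", parse(SAMPLE, FMT_WORKAROUND, escape_parens=True))
```

In this sketch the unescaped template still matches the line, but the parentheses end up inside the `Time` field, so the misparse is silent rather than a visible failure.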

Labels: enhancement