Sanitization script generates invalid IP addresses, preventing analysis with ESDiag #876

@asazallesmilner

Description

The scrub script used to sanitize diagnostic data is replacing original IP addresses with IPs from an invalid or non-standard range. When we attempt to ingest this sanitized data into our Elastic environment for analysis with ESDiag, the process fails because the generated IP addresses are not recognized as valid.

To Reproduce
Steps to reproduce the behavior:

1. Generate a sanitized diagnostic file using the standard scrubbing script.
2. Observe the IP addresses in the output file. They fall into a range that is not a valid private (RFC 1918) or public IP address block.
3. Attempt to use this sanitized file as a data source for ESDiag.
4. The tool is unable to parse or utilize the data due to the malformed IP addresses.

Expected behavior
The sanitization script should replace IP addresses with addresses from a valid private IP range, such as those defined in RFC 1918. This would ensure that the sanitized data is well-formed and can be seamlessly used by ESDiag and other analysis tools.

Suggested Solution
We request that the IP address range used in the scrub script be updated to one of the following standard private network ranges:

10.0.0.0/8 or something similar

Using a valid range will enable us to effectively troubleshoot issues using sanitized diagnostics.
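
Added example, not part of the issue text and not the project's scrub code: one way a scrubber can replace every IPv4 address with a stable, valid address inside 10.0.0.0/8, so the same host keeps the same token across files and the output still parses as an IP. The class name `IPv4Scrubber`, the key, and the sample lines are assumptions made for illustration.

```python
import hashlib
import hmac
import ipaddress
import re

# Assumed target range: the RFC 1918 block suggested in the issue.
TARGET_NET = ipaddress.ip_network("10.0.0.0/8")
# Candidate dotted quads only; ipaddress performs the real validation.
IPV4_CANDIDATE = re.compile(r"(?<!\d)(?<!\d\.)(?:\d{1,3}\.){3}\d{1,3}(?!\d|\.\d)")


class IPv4Scrubber:
    """Hypothetical scrubber: maps each IPv4 address to a stable token in TARGET_NET."""
    def __init__(self, key: bytes):
        self._key = key        # per-run secret, so tokens cannot be brute-forced back
        self._forward = {}     # original address -> replacement
        self._used = set()     # replacements already handed out

    def _token_for(self, original: str) -> str:
        if original in self._forward:
            return self._forward[original]
        usable = TARGET_NET.num_addresses - 2   # skip network and broadcast addresses
        digest = hmac.new(self._key, original.encode(), hashlib.sha256).digest()
        offset = int.from_bytes(digest[:8], "big") % usable
        while str(TARGET_NET[1 + offset]) in self._used:
            offset = (offset + 1) % usable      # linear probe keeps the mapping one-to-one
        token = str(TARGET_NET[1 + offset])
        self._used.add(token)
        self._forward[original] = token
        return token

    def scrub(self, text: str) -> str:
        def replace(match):
            try:
                ipaddress.IPv4Address(match.group(0))
            except ipaddress.AddressValueError:
                return match.group(0)           # e.g. 999.1.1.1 is not an address
            return self._token_for(match.group(0))
        return IPV4_CANDIDATE.sub(replace, text)

# Constructed sample diagnostic lines (not from a real cluster).
SAMPLE = (
    '{"name":"node-1","publish_address":"192.0.2.15:9300"}\n'
    '{"name":"node-2","publish_address":"198.51.100.7:9300"}\n'
    'master is 192.0.2.15. build 999.1.1.1\n'
)

if __name__ == "__main__":
    print(IPv4Scrubber(b"constructed-demo-key").scrub(SAMPLE))
```

Because each replacement is a member of `TARGET_NET`, it passes the same `ipaddress` validation on the way out that the original passed on the way in, which is the property a field mapped as an IP type needs.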
