WAF rules report wrong name if using an `or` condition

[blotus]

If a custom WAF rule uses a or condition, when loading the rules, multiple rules will be generated but we only track the id of the 1st generated rule (which is enough for and, but not for or).

This means that if any other rule than the 1st one matches, we will consider the rule as being a custom one written in seclang, and will use the msg attribute of the rule as the name of the scenario, which will be the description in this case.

[github-actions]

@blotus: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

1. Check Crowdsec Documentation to see if your issue can be self resolved.
2. You can also join our Discord.
3. Check Releases to make sure your agent is on the latest version.

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions]

@blotus: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

• /kind feature
• /kind enhancement
• /kind refactoring
• /kind bug
• /kind packaging

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.