Skip to main content
Panther Knowledge Base

Pantherlog test fails with CSV input

  1. Last updated
  2. Save as PDF

Issue

When trying to run a test with pantherlog on sample CSV input, the test fails even though the input is correct. 

Resolution

  1. Check if your input CSV statement has multiple lines
  2. If so, remove the extra line and change your input to just be one single line with your CSV sample event.
  3. Remove the hasHeader: true statement from your schema if it has one.

Cause

This issue can occur when you use multiple lines for your CSV input. For example if you have something like:

Screen Shot 2022-06-27 at 2.35.40 PM.png

Panther will treat these 2 lines as 2 separate events, but a test case can only have 1 event. In this case, the first line will be used as the event, and if your first line is just the CSV header line, this will either fail to classify, and/or simply not match your expected result for this test case.

 

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Page type
    Topic
  2. Tags
    This page has no tags.