Merge branch 'crowdsecurity:master' into master
This commit is contained in:
commit
25a8ab6163
2
.gitignore
vendored
2
.gitignore
vendored
|
@ -4,6 +4,8 @@
|
||||||
*.dll
|
*.dll
|
||||||
*.so
|
*.so
|
||||||
*.dylib
|
*.dylib
|
||||||
|
*~
|
||||||
|
.pc
|
||||||
|
|
||||||
# Test binary, built with `go test -c`
|
# Test binary, built with `go test -c`
|
||||||
*.test
|
*.test
|
||||||
|
|
|
@ -34,6 +34,7 @@ var (
|
||||||
func DecisionsToTable(alerts *models.GetAlertsResponse) error {
|
func DecisionsToTable(alerts *models.GetAlertsResponse) error {
|
||||||
/*here we cheat a bit : to make it more readable for the user, we dedup some entries*/
|
/*here we cheat a bit : to make it more readable for the user, we dedup some entries*/
|
||||||
var spamLimit map[string]bool = make(map[string]bool)
|
var spamLimit map[string]bool = make(map[string]bool)
|
||||||
|
var skipped = 0
|
||||||
|
|
||||||
/*process in reverse order to keep the latest item only*/
|
/*process in reverse order to keep the latest item only*/
|
||||||
for aIdx := len(*alerts) - 1; aIdx >= 0; aIdx-- {
|
for aIdx := len(*alerts) - 1; aIdx >= 0; aIdx-- {
|
||||||
|
@ -42,6 +43,7 @@ func DecisionsToTable(alerts *models.GetAlertsResponse) error {
|
||||||
for _, decisionItem := range alertItem.Decisions {
|
for _, decisionItem := range alertItem.Decisions {
|
||||||
spamKey := fmt.Sprintf("%t:%s:%s:%s", *decisionItem.Simulated, *decisionItem.Type, *decisionItem.Scope, *decisionItem.Value)
|
spamKey := fmt.Sprintf("%t:%s:%s:%s", *decisionItem.Simulated, *decisionItem.Type, *decisionItem.Scope, *decisionItem.Value)
|
||||||
if _, ok := spamLimit[spamKey]; ok {
|
if _, ok := spamLimit[spamKey]; ok {
|
||||||
|
skipped++
|
||||||
continue
|
continue
|
||||||
}
|
}
|
||||||
spamLimit[spamKey] = true
|
spamLimit[spamKey] = true
|
||||||
|
@ -100,6 +102,9 @@ func DecisionsToTable(alerts *models.GetAlertsResponse) error {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
table.Render() // Send output
|
table.Render() // Send output
|
||||||
|
if skipped > 0 {
|
||||||
|
fmt.Printf("%d duplicated entries skipped\n", skipped)
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
|
@ -23,7 +23,7 @@ static: clean
|
||||||
$(GOBUILD) $(LD_OPTS_STATIC) -o $(CROWDSEC_BIN) -v -a -tags netgo
|
$(GOBUILD) $(LD_OPTS_STATIC) -o $(CROWDSEC_BIN) -v -a -tags netgo
|
||||||
|
|
||||||
test:
|
test:
|
||||||
$(GOTEST) -v ./...
|
$(GOTEST) $(LD_OPTS) -v ./...
|
||||||
|
|
||||||
clean:
|
clean:
|
||||||
rm -f $(CROWDSEC_BIN)
|
rm -f $(CROWDSEC_BIN)
|
||||||
|
|
14
debian/README.md
vendored
Normal file
14
debian/README.md
vendored
Normal file
|
@ -0,0 +1,14 @@
|
||||||
|
|
||||||
|
# Building Debian/Ubuntu packages
|
||||||
|
|
||||||
|
It is not recommended to build your own packages for production environments.
|
||||||
|
|
||||||
|
However, if you want to experiment and contribute:
|
||||||
|
|
||||||
|
* Update the changelog (at least give it a correct version number)
|
||||||
|
* Run "QUILT_PATCHES=debian/patches quilt push -a && quilt refresh"
|
||||||
|
|
||||||
|
We do the above in the build pipeline, so you'll have to do it manually before running:
|
||||||
|
|
||||||
|
* dpkg-buildpackage -uc -us -b
|
||||||
|
|
|
@ -222,7 +222,7 @@ func (c *Client) QueryExpiredDecisionsSinceWithFilters(since time.Time, filters
|
||||||
}
|
}
|
||||||
|
|
||||||
func (c *Client) QueryNewDecisionsSinceWithFilters(since time.Time, filters map[string][]string) ([]*ent.Decision, error) {
|
func (c *Client) QueryNewDecisionsSinceWithFilters(since time.Time, filters map[string][]string) ([]*ent.Decision, error) {
|
||||||
query := c.Ent.Decision.Query().Where(decision.CreatedAtGT(since))
|
query := c.Ent.Decision.Query().Where(decision.CreatedAtGT(since)).Where(decision.UntilGT(time.Now()))
|
||||||
query, err := BuildDecisionRequestWithFilter(query, filters)
|
query, err := BuildDecisionRequestWithFilter(query, filters)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
c.Log.Warningf("QueryNewDecisionsSinceWithFilters : %s", err)
|
c.Log.Warningf("QueryNewDecisionsSinceWithFilters : %s", err)
|
||||||
|
|
Loading…
Reference in a new issue