Commit graph

602 commits

Author SHA1 Message Date
alteredCoder 6c27e1216c first commit 2021-11-19 18:32:59 +01:00
blotus dd03d07355
optimize the flush function by deleting alerts based on their id (#1054) 2021-11-17 10:15:38 +01:00
he2ss 0652e9ed08
feature cscli|crowdsec add additional labels on crowdsec dsn run (#1053)
* feature cscli|crowdsec add additional labels on crowdsec dsn run
2021-11-17 10:08:46 +01:00
Thibault "bui" Koechlin 3c768490ba
fix #873 without breaking backward (#1052) 2021-11-15 14:16:18 +01:00
Kerma Gérald 37c2a10e21
Use math.MaxInt32 instead of math.MaxUint32 (#980)
To fix 32 bits compilation in v1.2.0
https://github.com/crowdsecurity/crowdsec/issues/979

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
2021-11-15 12:14:04 +01:00
Kavin 0ffbbbec61
Add ARM docker images. (#1051) 2021-11-15 12:09:19 +01:00
Thibault "bui" Koechlin 7362828a3b
add --failures to explain feature : only display failed lines (#1048)
* add --failures to explain feature : only display failed lines

* no error no problem
2021-11-08 18:01:43 +01:00
mmetc a4998913d8
install coreutils under alpine; do not copy notification configuration (#1044)
under Docker; assume systemctl is not running if it does not exist
2021-11-03 16:56:44 +01:00
Thibault "bui" Koechlin 8b0527bf9d
add evt. (#1045) 2021-11-03 15:17:48 +01:00
mmetc 7ca3625706
removed legacy cron script (#1040) 2021-11-02 17:00:03 +01:00
AlteredCoder fb54388e93
Fix issue 1033 (#1034)
* Fix issue 1033
2021-11-02 12:16:33 +01:00
Thibault "bui" Koechlin d1ce543440
Improve explain (#1039)
* improve explain feature

* nicer display for details, --verbose in favor of --debug for details
2021-11-02 12:06:01 +01:00
Shivam Sandbhor cbada3d435
Allow using cloudwatch using iam role instead of hardcoded tokens (#1035) 2021-11-02 10:25:35 +01:00
Shivam Sandbhor 4bf996a716
Make docker start executable (#1031)
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2021-11-02 10:24:30 +01:00
mmetc f10187bd6d
typos (#1036) 2021-11-02 09:19:22 +01:00
mmetc 4708b509e6
.gitignore plugin binaries (#1037) 2021-11-02 09:19:10 +01:00
Shivam Sandbhor 9034bb7919
Allow user to specify key for bouncers. (#1026)
* Allow user to specify key for bouncers.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2021-11-02 08:37:51 +01:00
Thibault "bui" Koechlin 2b2a11fec7
Extra syslog debug (#1030)
* extra logging
2021-11-01 20:55:03 +01:00
Thibault "bui" Koechlin 02886140a7
add a --key to cscli config show (#1029)
* add a --key to cscli config show
2021-10-28 09:32:59 +02:00
AlteredCoder cf57c89177
add name and alias in cscli console enroll (#950)
* add name and alias in cscli console enroll
2021-10-26 15:33:17 +02:00
blotus 0d46890d6b
add --limit parameter to cscli decisions list (#1025) 2021-10-26 13:33:59 +02:00
blotus 25a2d528b0
Alerts flush: Optimization of the flush mechanism (batch and limit to one job) + add cscli alerts flush command (#1024)
- Don't allow running more than one alert flush job at a time to prevent runaway CPU usage in some cases. (fix High CPU after Upgrade to 1.2.0 #1022)
- Add a cscli alerts flush command to manually flush the alerts in the database (fixes Improvement/Manual flush mechanism #1023).
- Enable cascading deletion on alerts as we upgraded ent: Deleting an alert in the database will automatically delete all related decisions, events and meta
- Add an index on alerts.id to try to improve flush performance with very big sqlite database.
- Flush alert now operates in batch
2021-10-26 13:33:45 +02:00
Thibault "bui" Koechlin 76a80380e7
don't wait on tomb if no datasources were started (#1019) 2021-10-24 11:07:45 +02:00
Thibault "bui" Koechlin 3f99330b3d
Entgo 0.9 (#1018)
* update entgo & sqlite to latest version

* schema update
2021-10-22 16:15:57 +02:00
blotus 66919924d3
don't attempt to start crowdsec if LAPI has been disabled with debconf (#1016) 2021-10-22 10:49:44 +02:00
Shivam Sandbhor a7b1c02bd5
Fix bugs in cloudwatch acq (#991)
* Fix bugs in cloudwatch acq

- Fix concurrent writes to map streamIndexes
- Fix multiple cases of modifying while iterating on slice.
- Fix order of fetching cloudwatch events.
- Remove `startup` hack.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Fix cloudwatch tests

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2021-10-22 10:35:05 +02:00
Manuel Sabban 0d075f32cd
fix perms in package installation (#1012)
* fix perms

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2021-10-22 10:14:15 +02:00
mmetc b6bce96350
remove plugins with "make clean" (#1015) 2021-10-22 10:12:27 +02:00
he2ss 4d4d6d802c
fix #1008 + regenerate localhost credentials on start (#1009) 2021-10-14 17:02:38 +02:00
Thibault "bui" Koechlin 3bb2128bf4
fix sort :/ (#1007) 2021-10-12 19:16:24 +02:00
Thibault "bui" Koechlin 1bd6b8f7b9
Multiple fixes (#1006)
* fix #1005 : timestamp in trigger timemachine buckets

* attempt at consistent bucket order for hubtest
2021-10-12 14:09:17 +02:00
Thibault "bui" Koechlin 2961a0ed02
ensure machineID is included early enough into the alert (#1004) 2021-10-11 15:02:16 +02:00
AlteredCoder 203be9bfbf
fix typo in cscli help command (#1001)
* fix typo in cscli help command

* Update hubtest.go
2021-10-08 16:53:02 +02:00
blotus 2bc9f33e12
add ParseUri() expr helper (#994) 2021-10-08 16:50:31 +02:00
alteredCoder 6bd80dbb86 update hubtest workflow 2021-10-07 16:45:28 +02:00
AlteredCoder cc653ce0d7
Update README.md 2021-10-07 15:04:53 +02:00
AlteredCoder 3b4c773890
fix hubtest CI (#1000) 2021-10-05 12:13:57 +02:00
AlteredCoder 0ccc69696b
Break on success when alert already has decision (#997) (#999)
* Break on success when alert already has decision (#997)

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2021-10-05 11:30:34 +02:00
alteredCoder 079172568a fix the CI coverage generation 2021-10-05 10:19:19 +02:00
alteredCoder 5c7f873e18 fix the coverage badge generation 2021-10-05 10:15:12 +02:00
alteredCoder 1e200d99d8 fix hubtest CI for coverage 2021-10-05 10:02:59 +02:00
alteredCoder 285351f4f9 fix hubtest CI for coverage 2021-10-05 09:56:18 +02:00
AlteredCoder 37eedce72e
add functional test for hubtest (#996)
* add hubtest in functional test
2021-10-05 09:52:55 +02:00
alteredCoder de87d0d951 fix badge coverage generation 2021-10-04 18:07:36 +02:00
Thibault "bui" Koechlin af4bb350c0
hubtests revamp + cscli explain (#988)
* New hubtest CI for scenarios/parsers from the hub
* New `cscli explain` command to visualize parsers/scenarios pipeline

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Cristian Nitescu <cristian@crowdsec.net>
2021-10-04 17:14:52 +02:00
Thibault "bui" Koechlin c2fd173d1e
fix node success logic (#993)
* fix node success logic : only fail node on child failure if mother node has no successful grok
2021-09-28 17:58:07 +02:00
he2ss fb308d5596
fix plugins logging in right level (#990) 2021-09-28 14:44:21 +02:00
he2ss db5ffb0040
Update test env (#987)
* update test_env
2021-09-24 18:06:30 +02:00
Cristian Nitescu 9d2cd58f31
#975 Mysql default parser: parse also lines with using password NO (#976) 2021-09-24 10:49:49 +02:00
blotus f0db3742de
fix usage of regex.Match in cloudwatch module (#986) 2021-09-23 13:52:05 +02:00