beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
973 commits 83 branches 177 tags 151 MiB
Commit graph

377 commits

Author SHA1 Message Date
Thibault "bui" Koechlin fe09737d80
Add support for machine heartbeat (#1541) 
* add the last_heartbeat field

* add heartbeat controller

* add endpoint of heartbeat

* heartbeat integration

* add last_heartbeat to cscli machines list
 2022-05-19 15:47:27 +02:00
mmetc 131ed1b0a7
error reporting (#1501) 
* unified error reporting, removed redundancy, tests
 2022-05-19 10:48:08 +02:00
Manuel Sabban 18030e6c58
add notifications command (#1537) 
* add notifications command

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2022-05-18 16:13:33 +02:00
Shivam Sandbhor 220bbe5862
Document LAPI filters (#1535) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-05-18 11:45:12 +02:00
mmetc 98f2ac5e7c
fix #1385: .yaml.local (#1497) 
Added support for .yaml.local files to override values in .yaml
 2022-05-18 10:08:37 +02:00
blotus 39f7e38444
retry to send alert to plugin channel if it fails (#1530) 2022-05-17 16:57:15 +02:00
Thibault "bui" Koechlin fbcb2ed7fd
Improve distinct/uniq behaviour (#1478) 
* make uniq/distinct use a cache that is independant of the bucket's cache_size

* add testing specifically for cache_size
 2022-05-17 12:45:53 +02:00
blotus 0449ec1868
Windows Support (#1159) 2022-05-17 12:14:59 +02:00
Cristian Nitescu a49b023a28
GetExprEnv usage optimization (#1515) 
* avoid multiples calls to GetExprEnv

* cache ExprEnv in node process

* use global expression env

* remove block profile rate
 2022-05-17 10:50:37 +02:00
blotus 8f111680bf
Allow to override statics in hubtest. (#1495) 2022-04-29 14:24:41 +02:00
blotus 64369b5c2b
add expr XML helpers (#1493) 2022-04-29 13:52:23 +02:00
blotus 392708a804
Fix docker flaky test (#1494) 2022-04-29 12:16:49 +02:00
AlteredCoder f22e4eb24e
Improve MySQL performance (#1477) 
* Improve MySQL performance
 2022-04-28 12:53:14 +02:00
AlteredCoder be977d1cc4
Fix cwhub collections uninstall dependencies (#1486) 
* Fix cwhub collections uninstall dependencies
 2022-04-27 18:28:03 +02:00
AlteredCoder a645c928d4
Fix decisions list with --no-simu flag (#1482) 
* Fix decisions list with --no-simu flag
 2022-04-27 11:05:40 +02:00
Greg Myers 0f4ab71f01
Fix typos in docs, comments, code (#1483) 2022-04-27 11:04:12 +02:00
AlteredCoder 44b11c2e5b
Fix hub items installation (#1481) 2022-04-26 17:37:07 +02:00
blotus 1bd8cc79c8
Kill the whole docker acquis in tests (#1475) 2022-04-22 16:56:22 +02:00
blotus 8909fbdb22
cleanup container state if the reader tomb dies by itself (#1470) 2022-04-22 10:52:44 +02:00
Thibault "bui" Koechlin 242706a475
fix journalctl deadlock on shutdown (#1468) 
* avoid being locked sending termination error while the reading routine - on the chan - died
 2022-04-21 14:02:25 +02:00
AlteredCoder 4273a0f243
cscli: add autocompletions for hubitems (#1465) 
* Add autocompletion for hub items in cscli
 2022-04-20 15:44:48 +02:00
he2ss 615895da9d
cscli: add force enroll feature (#1430) 
* cscli: add force enroll feature
 2022-04-20 13:34:17 +02:00
Thibault "bui" Koechlin e6a35e8714
Improve plugins grouping (alternative to #1424) (#1437) 
* Fix races in test (#1446)

Co-authored-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: AlteredCoder <64792091+AlteredCoder@users.noreply.github.com>
 2022-04-19 19:12:23 +02:00
AlteredCoder 526a4dbd08
Reduce the query unescape helper verbosity (#1447) 2022-04-19 12:31:29 +02:00
Shivam Sandbhor 8060f54f27
Cwhub testing (#1438) 
* Add tests in cwhub and fix collection upgrade(#1431)

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com

Co-authored-by: bui <thibault@crowdsec.net>
Co-authored-by: Thibault "bui" Koechlin <orixxx@gmail.com>
 2022-04-19 12:07:35 +02:00
mmetc 4b9a0c4ef7
typos (#1453) 2022-04-19 11:25:27 +02:00
Shivam Sandbhor 4a3ec85686
Update bouncer pull in rupture mode (#1445) 
* Update bouncer pull in rupture mode

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-04-15 12:24:01 +02:00
AlteredCoder 71165bcd30
Send all installed scenario to LAPI (#1277) 2022-04-13 17:48:29 +02:00
AlteredCoder 099469c5d2
Fix hub loader to support '.yml' files (#1433) 2022-04-11 16:13:20 +02:00
Shivam Sandbhor a8089c8ddb
Add origins param in decision stream service (#1429) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-04-07 12:40:27 +02:00
blotus 9cf2d5ab5c
handle containers with TTY in docker acquis (#1422) 2022-04-05 10:31:36 +02:00
Thibault "bui" Koechlin ba7f4fcec0
make this info level (#1409) 
* make this info level
 2022-04-01 15:31:33 +02:00
Thibault "bui" Koechlin d8dc01cd94
Revamp unit tests (#1368) 
* Revamp unit tests
* Increase coverage
* Use go-acc to get cross packages coverage

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-03-29 14:20:26 +02:00
Håvard Moen 42ff269bc8
add back dialect to handle pgx correctly (#1376) 2022-03-23 09:29:22 +01:00
AlteredCoder 411baa4dcf
Improve cscli metrics units (#1374) 
* Improve cscli metrics units
 2022-03-21 12:13:36 +01:00
Shivam Sandbhor c5566e92f3
Fix 1262 pgsql conflict resolve (#1363) 
* Fix api for all dbs (#1310)
* DB agnostic lapi sanitize

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Update ent

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Fix go dep mess.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-03-17 14:12:13 +01:00
Shivam Sandbhor 023ac9e138
Add trusted IPs which have admin API access (#1352) 
* Add trusted IPs which have admin API access
 2022-03-16 17:28:34 +01:00
Shivam Sandbhor 42a1bc0260
Add query param to filter decisions by scenarios and origin (#1294) 
* Add query param to filter decisions by scenarios
 2022-03-16 14:37:42 +01:00
Shivam Sandbhor bb30a3f966
Don't omit fields of bouncer in json (#1354) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-03-16 09:40:34 +01:00
Thibault "bui" Koechlin a74a41dac5
fix #1357 (#1358) 2022-03-16 09:40:00 +01:00
Shivam Sandbhor 76e97303a5
Deprecate pid_file config (#1346) 
* Deprecate pid_file config

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Fix unit test

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Impl review suggestions.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-03-16 09:23:49 +01:00
j-k 2cd3248431
refactor: use runtime rather than ldflags for go details (#1302) 2022-03-14 11:29:34 +01:00
mmetc 4e6b9597f8
fix for https://staticcheck.io/docs/checks#SA2002 (#1334) 2022-03-10 13:53:33 +01:00
mmetc 7c0593c659
noop code removal, typos and lint fixes (#1329) 2022-03-09 16:15:18 +01:00
mmetc 10ce45c054
allow notification plugins to work on freebsd and non-root functional tests (#1253) 
* random uuid for all platforms
* check group writable and setgid; don't check group ownership
* allow user to run plugins without changing desired user/group (set them to "")
 2022-03-09 12:09:50 +01:00
Thibault "bui" Koechlin 5a15f9b39b
bailout on incompatible duration format (#1326) 2022-03-08 18:18:36 +01:00
mmetc e35efc5b2d
fix check uid, gid values (#1309) 2022-03-07 10:16:34 +01:00
Thibault "bui" Koechlin b66366c28c
Revert "Handle decisions with varying expiry for same IP (#1262)" (#1308) 
This reverts commit e4f6cdfc14.
 2022-03-04 10:17:31 +01:00
mmetc c5dda0ffba
fix: deny copy folder to itself or subpath (#1299) 2022-03-02 11:30:04 +01:00
Shivam Sandbhor c3dbe0080c
Exit syslog acquis only after server is dead (#1288) 2022-03-01 11:32:28 +01:00
blotus fb74b2fda7
Improve LAPI performance when under high load (#1273) 2022-02-17 17:52:04 +01:00
Shivam Sandbhor e4f6cdfc14
Handle decisions with varying expiry for same IP (#1262) 
* Upgrade ent and add sql/modifier in codegen

* update db wrappers to sanitize LAPI

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-02-16 15:19:14 +01:00
mmetc 9bc7e6ffcf
Refactor unit tests to reduce line count (#1264) 2022-02-15 12:50:33 +01:00
Shivam Sandbhor 43d5690432
Detect missing plugin binary wrt profiles (#1252) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-02-14 17:45:03 +01:00
AlteredCoder 8b90f4b2b2
Upgrade download datafiles if doesn't exist (#1254) 2022-02-14 16:51:06 +01:00
AlteredCoder 5a0843852a
add IpToRange helpers and allows to have an expression with scope Range (#1260) 
* add IpToRange helpers and allows to have an expression with scope Range
 2022-02-14 16:50:52 +01:00
mmetc 40ab8fa738
Atoi() -> ParseInt() (#1256) 2022-02-14 14:00:42 +01:00
Shivam Sandbhor 76e3612088
Check log level before dumping resp (#1243) 
* Check log level before dumping resp
* Sleep longer in func tests

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-02-08 15:40:01 +01:00
mmetc 5c7c12c62d
define cwversion.System (Platform) in "make static" too; show it with --version (#1238) 2022-02-04 13:02:45 +01:00
Thibault "bui" Koechlin dd53d19777
Make whitelist by expr debug level (#1236) 
* fix #616 : simply make it at debug level, so that the user can set his node to debug level if he really wants to see this. Otherwise it can be too spammy
 2022-02-03 17:04:18 +01:00
mmetc ad28a979e9
local control flow cleanup (#1215) 
removed redundant/unreachable returns, else branches, type declarations, unused variables
 2022-02-01 22:08:06 +01:00
mmetc 35eea39db7
allow Makefile to override /etc/crowdsec and /var/lib/crowdsec/data (#1221) 2022-02-01 10:34:53 +01:00
mmetc 8310c10ce3
console_config.yaml -> console.yaml (#1195) 2022-01-21 11:52:23 +01:00
mmetc 240e5ad3ab
remove trailing carriage return (#1194) 2022-01-21 11:35:21 +01:00
blotus 19323ba4aa
fix crash on upgrade with nil last push field (#1191) 2022-01-20 18:10:40 +01:00
AlteredCoder b93b8d9a2e
Support PGX (#1186) 
* Support PGX

* support sslmode
 2022-01-20 11:17:21 +01:00
Shivam Sandbhor 59a537514f
Check for errors before modifying proc attrs (#1181) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-01-19 15:34:09 +01:00
Thibault "bui" Koechlin cc1ab8c50d
switch to utc time everywhere (#1167) 
* switch to utc time everywhere


Co-authored-by: alteredCoder <kevin@crowdsec.net>
 2022-01-19 14:56:05 +01:00
AlteredCoder b1a7ffb92f
fix postgreSQL count fail (#1184) 2022-01-19 14:50:53 +01:00
Thibault "bui" Koechlin c81fc87d4e
fix #1168 (#1179) 
* fix #1168
 2022-01-19 11:34:40 +01:00
Thibault "bui" Koechlin a88848009a
fix default perms for log file (#1177) 
* fix default perms
 2022-01-18 16:54:02 +01:00
Thibault "bui" Koechlin a17f150e5d
fix #1170 : display full message in debug mode when syslog cannot parse (#1176) 
* fix #1170 : display full message in debug mode when syslog cannot parse
 2022-01-18 09:54:01 +01:00
Thibault "bui" Koechlin 40ed810c0b
Gin upgrade (#1174) 
* upgrade gin / gin-jwt, and add a new 'trusted_proxies' option to provide trusted CIDRs
 2022-01-17 17:18:12 +01:00
Thibault "bui" Koechlin 6e92da76ad
lapi to capi : allow push of tainted/custom/manual decisions (#1154) 
* add console command to control signal sharing
* modify metrics endpoint to add lastpush

Co-authored-by: alteredCoder <kevin@crowdsec.net>
 2022-01-13 16:46:16 +01:00
blotus cc72800f50
Update LAPI swagger (#1155) 2022-01-11 16:45:34 +01:00
Thibault "bui" Koechlin 3bca25fd6d
lists support from central api (#1074) 
* lists support from central api

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2022-01-11 14:31:51 +01:00
blotus 4a11060930
Kinesis datasource (#1147) 2022-01-11 14:19:43 +01:00
Thibault "bui" Koechlin 6c676c4869
fix #1131 : complain when validating unknown machine (#1146) 2022-01-05 13:50:04 +01:00
Shivam Sandbhor ba71c55492
Fix cscli inpsect json output (#1145) 
* Fix cscli inpsect json output
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-01-05 10:42:27 +01:00
Thibault "bui" Koechlin 8e3004ebb3
fix race condition on repetitive trigger buckets creation (#1144) 2022-01-04 14:02:07 +01:00
Shivam Sandbhor 6c4ec64ca9
Fix json output of cscli hub list (#1143) 
* Fix json output of cscli hub list
* Fix functional tests.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-01-04 11:49:23 +01:00
blotus f86ec1c389
Docker api version negotiation (#1135) 2021-12-30 12:21:49 +01:00
blotus 3105897f37
Allow to configure log rotation (#1130) 2021-12-28 11:59:03 +01:00
mmetc 7126f8f0ff
replaced &nbsp; (#1129) 2021-12-28 10:32:46 +01:00
AlteredCoder f86e0c0a5a
don't send decisions with negative duration to bouncers (#1117) 2021-12-21 10:23:30 +01:00
Sykursen 6a3adcff0e
Upgrade metabase to v41.5 (#1109) 2021-12-17 10:29:48 +01:00
Thibault "bui" Koechlin 106254f020
support for cancel_on (#1105) 
* cancel_on filter

* tests
 2021-12-17 09:56:02 +01:00
AlteredCoder d913ac160e
fix create alert bulk for decisions insertion (#1107) 
* fix create alert bulk for decisions insertion
 2021-12-16 18:26:19 +01:00
AlteredCoder 88d06260d7
add cscli decisions import (#1038) 
* add cscli decisions import

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: bui <thibault@crowdsec.net>
 2021-12-15 11:39:37 +01:00
AlteredCoder 458dcd1979
add more helpers (#1091) 
* add more exprhelpers
 2021-12-14 11:07:40 +01:00
Thibault "bui" Koechlin e5204bc1b1
fix #1083 : do not update/overwrite 'not installed' collections sub-items on 'cscli XX upgrade' (#1089) 
* fix #1083 : do not update/overwrite 'not installed' collections sub-items on 'cscli XX upgrade'
 2021-12-13 19:31:16 +01:00
mmetc c7fb6a1428
enabled -> enabling (#1090) 2021-12-13 13:14:29 +01:00
Manuel Sabban 4e6f6fe3a2
log4j vuln fix for metabase (#1082) 
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2021-12-13 10:19:20 +01:00
mmetc 7dee103b6e
typos of various nature (#1072) 2021-12-06 17:29:23 +01:00
AlteredCoder 4917aa23c9
Docker datasource (#1064) 
* add docker datasource
 2021-12-02 15:55:50 +01:00
blotus dd03d07355
optimize the flush function by deleting alerts based on their id (#1054) 2021-11-17 10:15:38 +01:00
he2ss 0652e9ed08
feature cscli|crowdsec add additional labels on crowdsec dsn run (#1053) 
* feature cscli|crowdsec add additional labels on crowdsec dsn run
 2021-11-17 10:08:46 +01:00
Thibault "bui" Koechlin 3c768490ba
fix #873 without breaking backward (#1052) 2021-11-15 14:16:18 +01:00
Kerma Gérald 37c2a10e21
Use math.MaxInt32 instead of math.MaxUint32 (#980) 
To fix 32 bits compilation in v1.2.0
https://github.com/crowdsecurity/crowdsec/issues/979

Signed-off-by: Kerma Gérald <gandalf@gk2.net>
 2021-11-15 12:14:04 +01:00
Thibault "bui" Koechlin 7362828a3b
add --failures to explain feature : only display failed lines (#1048) 
* add --failures to explain feature : only display failed lines

* no error no problem
 2021-11-08 18:01:43 +01:00