beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1462 commits 83 branches 177 tags 151 MiB
Commit graph

106 commits

Author SHA1 Message Date
Thibault "bui" Koechlin e4dcdd2572
fix include_capi filter (#2478) 2023-09-20 11:56:00 +02:00
Thibault "bui" Koechlin 4c08e1e68c
exclude 'lists' too if we exclude CAPI (#2474) 2023-09-19 13:56:22 +02:00
Thibault "bui" Koechlin 0040569fa9
if 'include capi' is false, only exclude capi alerts instead of assuming they necessarily have attached decisions (#2435) 2023-09-12 11:19:36 +02:00
mmetc d45bec4047
minor log message improvements (#2455) 2023-09-12 11:04:56 +02:00
mmetc fd94e2c056
refactor alert/decisions insert/update to avoid database locking in bulk operations (#2446) 2023-09-04 14:21:45 +02:00
mmetc 25868f27de
option db_client.decision_bulk_size (#2440) 2023-08-25 17:05:17 +02:00
mmetc e36df40ba7
pkg/types cleanup (#2398) 
* move function GetLineCountForFile from pkg/types to cscli
* move ParseDuration from pkg/types to pkg/database
* remove unused types.Profile, types.RemediationProfile
 2023-08-24 09:44:46 +02:00
Laurence Jones a18df9c3bb
Add bouncers prune command (#2379) 
* Add bouncers prune command

* No point overloading functions

* Add prune to list of commands

* change all short desc to be similar, and made it really really clear when pruning it is not recoverable

* Dont use log. and dont return error on user input to abort
 2023-07-28 15:37:39 +01:00
mmetc ffadd42779
update dependency on go-cs-lib; drop the pkg/ part (#2393) 2023-07-28 16:35:08 +02:00
Laurence Jones 55247cd46a
Add machines prune command (#2011) 
* Add machines prune command

* Fix scope variable for naming scheme

* Add some freshness and add new features

* Fix force and fix duration if less than 60

* Allow duration to be more readable

* Fix description

* Improve func wording and make int machines length

* No point overloading functions

* Add prune to list of commands

* Check if GID is already the group if so no need to chown

* Revert "Check if GID is already the group if so no need to chown"

This reverts commit c7cef1773e.

* change all short desc to be similar, and made it really really clear when pruning it is not recoverable

* Better examples

* Match bouncer like for like

* Fix merge error

* Dont use log. and dont return error on user input to abort
 2023-07-28 15:23:47 +01:00
mmetc 9967d60987
errors.Wrap -> fmt.Errorf (#2333) 2023-07-06 10:14:45 +02:00
mmetc 85839b0199
support for stdin with "cscli decision import" and raw values (#2291) 
and remove Origin from the struct, which was ignored anyway
 2023-06-27 14:29:42 +02:00
mmetc 8bfeb7d90d
Update go dependencies (#2293) 
- update fatih/color (fix windows issue)
- update mongo-driver (fix build issue)
- go.mod: merge two "require" blocks
- update semver dependency (same version as indirect dep), fix test checks in cscli setup
- remove gotest.tools dependency (use testify, cstest)
- update x/ exp, mod, sys dependencies
 2023-06-22 11:31:41 +02:00
mmetc f7409d47be
fix error message when failing to parse ip address (#2292) 
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
 2023-06-21 09:22:25 +02:00
mmetc 396dcf8e6e
dependencies: replaced function calls to pkg/types, errors.Wrap (#2235) 
we now use a generic pointer function, and slowly remove the deprecated pkg/errors
 2023-06-01 16:31:56 +02:00
blotus 71b7a594bd
add indexes on the FK between alerts and {decisions,metas,events} (#2188) 2023-05-11 13:49:01 +02:00
Thibault "bui" Koechlin 8f71edaadd
do not error on this filter (#2182) 2023-05-04 13:06:15 +02:00
Thibault "bui" Koechlin 3041023ed8
add an optional flag to disable the fetch (#2169) 2023-04-14 11:39:16 +02:00
Thibault "bui" Koechlin 66dfded0cf
significantly increase the max number of scenarios to be sent (#2170) 2023-04-14 11:39:07 +02:00
blotus b1f2063a9a
Only support pgx driver for postgresql (#2118) 2023-03-16 11:02:31 +01:00
mmetc e161507d08
Lint (type inference): remove redundant type declarations (#2111) 2023-03-09 11:56:02 +01:00
mmetc 20a1bc7d44
chore: simplify pkg/database/alerts (#2062) 2023-02-23 10:25:01 +01:00
mmetc 76ea3a063f
fix message "empty scenario" 2023-02-21 09:59:56 +01:00
blotus 90c38db9f2
Stream decisions from db (#1927) 2023-02-20 15:26:30 +01:00
Cristian Nitescu 987f119c4b
v3 capi and blocklists links support (#2019) 
* v3 model generation

* v3 model generation

* comms

* fixes after master merge

* missing reader close

* use constants defined for types

---------

Co-authored-by: bui <thibault@crowdsec.net>
 2023-02-06 14:06:14 +01:00
Thibault "bui" Koechlin e927717fa0
Polling API Integration (#1715) 
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2023-01-31 14:47:44 +01:00
Laurence Jones fe23da6e0c
Add postgres socket support, clean some code (#1926) 2022-12-12 16:08:19 +00:00
Laurence Jones 11965f08db
Add socket support to mysql (#1911) 2022-12-08 09:33:08 +00:00
Laurence Jones 4ac01ed880
Update perms for group read (#1876) 2022-11-21 09:49:56 +00:00
Thibault "bui" Koechlin 3b4da7e637
fix #1860 : Only repeat the WAL warning once (#1863) 
* fix #1860
 2022-11-07 16:36:39 +01:00
blotus b7c4bfd4e3
Use explicit transaction when inserting community blocklist (#1835) 2022-10-26 10:48:17 +02:00
blotus bb2f0e938f
Blocklist: Do not duplicate decisions when pulling (#1796) 2022-10-19 15:51:40 +02:00
Thibault "bui" Koechlin ae6bf39495
support decisions deletion via scenario + alerts delete via ID (#1798) 2022-10-19 14:37:27 +02:00
Shivam Sandbhor 74659a82ab
Fast bulk alert delete (#1791) 2022-10-07 12:40:30 +02:00
AlteredCoder b95a67751e
Update ent and grokky package (#1772) 
* Update ent and grokky package
 2022-10-06 14:55:42 +02:00
mmetc 9b3be5c2e8
Bulk delete alert optimization (#1782) 2022-10-05 17:07:44 +02:00
blotus bfbe180101
Tighten windows sqlite database permissions (#1769) 2022-09-28 16:18:00 +02:00
blotus 9b3ff82542
add WAL support for sqlite (#1752) 2022-09-14 15:09:54 +02:00
Thibault "bui" Koechlin bacea50485
allow user to disable decision deduplication (#1687) 
* allow user to disable decision deduplication
 2022-08-26 14:17:46 +02:00
AlteredCoder 1002affc16
cscli machines delete: return an error if machines doesn't exist (#1689) 
* cscli machines delete: return an error if machines doesn't exist
 2022-07-28 17:32:12 +02:00
Thibault "bui" Koechlin 0eea20fa7c
revert decision dedup behavior to 1.3.4 (#1675) 
* revert decision dedup behavior to 1.3.4
 2022-07-22 11:20:10 +02:00
AlteredCoder 02e0f3c095
Fix event.timestamp pointer usage (#1621) 
* Fix event.timestamp pointer usage

* avoid returning an error when creating alerts if something goes wrong during the parsing

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2022-06-30 17:35:42 +02:00
blotus 863facaa33
Properly handle expired decisions with different scopes (#1616) 2022-06-29 16:13:04 +02:00
Thibault "bui" Koechlin 15902dcba6
fix #1615 : cleanup based on heartbeat instead (#1617) 2022-06-29 13:21:58 +02:00
he2ss 7fafb483ad
Pkg/database/fix count decisions since by value (#1606) 
* fix CountDecisionsSinceByValue to have also expired decisions
 2022-06-23 12:04:07 +02:00
mmetc 628d7be1d8
simplify err.Error() to err when used in printf context (#1603) 2022-06-22 15:53:53 +02:00
he2ss 3d6f015211
Add duration expr to add duration formula (#1556) 
* add duration expr to add duration formula
 2022-06-22 11:29:52 +02:00
Thibault "bui" Koechlin a6ed08b239
Add alerts and decisions metrics, LAPI and agent timing prom metrics (#1546) 2022-06-22 11:14:34 +02:00
AlteredCoder 0a39066f9d
Fix #1552 (#1569) 2022-06-22 10:29:02 +02:00
mmetc d71279f023
added flag crowdsec --warning (#1461) 2022-06-22 09:38:23 +02:00