Mathieu Lecarme
17224b8ac0
Fix: unsanitized user input
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
856da41b72
Authorization
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
94d0f55738
Bring your own headers.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
d99feefe2a
Tenant ID.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
c2b3d752a2
DSN.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
c46fb2be6c
OK, it's this test logs, not an old run.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
4570046da6
Simpler JSON.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
6c213828a4
Read loop.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
92e3ea565b
Lazy query. More error.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
6632bcaccd
Handling empty JSON. Does it really happen?
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
5937d6cf44
Since.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
bd28c2c1bc
Fix: specific entry unmarshal
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
b17711ed99
Push log to Loki.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
7037463fcc
Stream test draft.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
01646c7731
Test and fix config.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
437c2af8e2
Prometheus counter. Better URL handling. Streamin acquisition.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
bc6f327998
Ready and Read once.
2023-10-15 21:49:17 +02:00
Mathieu Lecarme
343724be15
loki draft.
2023-10-15 21:49:17 +02:00
blotus
43ef32aa8d
Kafka acquisition: do not create empty events when a read error occurs ( #2466 )
2023-09-13 13:20:36 +02:00
mmetc
d45bec4047
minor log message improvements ( #2455 )
2023-09-12 11:04:56 +02:00
mmetc
c588be0842
golangci-lint: use v1.54, remove unnecessary byte/string conversions ( #2438 )
2023-08-25 16:22:10 +02:00
mmetc
cd9d8f309d
CI: increase test sleep to fix flaky acquisition/file test under win ( #2410 )
...
* CI: increase test sleep to attempt fix for flaky windows acquitition/file test
* wip
2023-08-08 16:11:32 +02:00
mmetc
ffadd42779
update dependency on go-cs-lib; drop the pkg/ part ( #2393 )
2023-07-28 16:35:08 +02:00
blotus
f9ca14f010
add object key in src for S3 acquis ( #2342 )
2023-07-07 10:09:18 +02:00
blotus
1295de928a
Properly match new files on windows when doing file acquisition ( #2329 )
2023-07-06 14:45:38 +02:00
mmetc
bd41f855cf
errors.Wrap -> fmt.Errorf ( #2317 )
2023-06-29 11:34:59 +02:00
mmetc
a910b7beca
non-fatal error if some datasource can't be run (i.e. journalctl but systemd is missing) ( #2309 )
...
This on the other hand, gives a new fatal error when there are no valid datasources.
In the previous version, crowdsec kept running with just a warning if no
acquisition yaml or dir were specified.
2023-06-27 10:13:13 +02:00
mmetc
9beb5388cb
errors.Wrap -> fmt.Errorf; clean up imports ( #2301 )
2023-06-23 14:04:58 +02:00
mmetc
8bfeb7d90d
Update go dependencies ( #2293 )
...
- update fatih/color (fix windows issue)
- update mongo-driver (fix build issue)
- go.mod: merge two "require" blocks
- update semver dependency (same version as indirect dep), fix test checks in cscli setup
- remove gotest.tools dependency (use testify, cstest)
- update x/ exp, mod, sys dependencies
2023-06-22 11:31:41 +02:00
mmetc
b2d3520519
decouple bouncer dependencies: use go-cs-lib in test code ( #2229 )
2023-05-25 15:37:44 +02:00
mmetc
025f14f879
merge system cert pool with own certs ( #2226 )
2023-05-25 10:10:58 +02:00
mmetc
534328ca30
decouple bouncer dependencies: use go-cs-lib/pkg/* ( #2216 )
...
* decouple bouncer dependencies: use go-cs-lib/pkg/trace
* decouple bouncer dependencies: use go-cs-lib/pkg/version
* decouple bouncer dependencies: use go-cs-lib/pkg/yamlpatch
* decouple bouncer dependencies: use go-cs-lib/pkg/csstring
* unused import
2023-05-23 10:52:47 +02:00
blotus
2701454f23
defaults to inotify to detect changes in file datasource to avoid too many call to stat() ( #2181 )
2023-05-09 10:03:55 +02:00
blotus
0279e549bd
check if the acquis tomb is dying while processing logs in replay mode for file/s3/docker ( #2152 )
2023-04-04 13:57:06 +02:00
mmetc
3132aa54b7
Properly load k8s audit configuration ( #2158 )
2023-04-03 21:55:31 +02:00
mmetc
3fa555fb25
Rename k8s_audit to k8s-audit (easier to type, consistent with labels) ( #2153 )
2023-04-03 09:53:38 +02:00
blotus
61bea26486
Add transform
configuration option for acquisition ( #2144 )
2023-03-29 16:04:17 +02:00
blotus
1095f6c875
use expr.Function for custom functions instead of passing them in the env ( #2133 )
2023-03-28 10:49:01 +02:00
mmetc
d769fff1e8
File acquisition: log "file reopen" events instead of writing to stderr ( #2139 )
2023-03-24 11:24:36 +01:00
blotus
dc38e5ac00
S3 acquisition datasource ( #2130 )
2023-03-21 13:54:52 +01:00
Thibault "bui" Koechlin
618be9ff68
properly update the time structure within event ( #2122 )
...
* properly update the time structure within event to ensure it works in time-machine
* move LIVE and TIMEMACHINE to pkg/types : less code needs to import leakybucket package, and we avoid duplicating constants
2023-03-16 16:25:50 +01:00
Manuel Sabban
b451d190b7
try to make reproducible build work ( #2119 )
...
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2023-03-13 17:26:33 +01:00
mmetc
e161507d08
Lint (type inference): remove redundant type declarations ( #2111 )
2023-03-09 11:56:02 +01:00
mmetc
ba4396e52c
fix flaky parser unit test ( #1985 )
2023-01-12 17:03:25 +01:00
mmetc
2d81e751a1
fix parser test 2k23 ( #1971 )
2023-01-04 15:46:16 +01:00
mmetc
ff88faf402
updated localstack dependencies, added build cache
2022-12-21 12:20:01 +01:00
blotus
fdda940ac0
Add Kubernetes audit acquisition ( #1767 )
2022-12-06 13:47:29 +01:00
mmetc
4a6a9c4355
acquisition: validate datasources before configuration (static checks) ( #1841 )
...
* acquisition: validate datasources before configuration (allow static configuration checks)
* remove comment
* import reviser, format
* error wrap
2022-11-30 17:36:56 +01:00
mmetc
104f5d1fe6
lint: error handling cleanup ( #1877 )
2022-11-29 09:16:07 +01:00
mmetc
895691dad1
enabled linters: gocritic, nilerr ( #1853 )
2022-11-07 10:36:50 +01:00