beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1604 commits 83 branches 177 tags 151 MiB
Commit graph

439 commits

Author SHA1 Message Date
mmetc 4160bb8102
refact "cscli decisions" (#2804) 
* refact "cscli decisions"
* CI: relax mysql test timing
* lint
 2024-02-01 22:36:21 +01:00
mmetc f5fbe4a200
refact "cscli dashboard" (#2803) 2024-02-01 17:27:15 +01:00
mmetc 45c669fb65
refact "cscli papi" (#2802) 2024-02-01 17:27:00 +01:00
mmetc 825c08aa9d
refact "cscli simulation" (#2801) 2024-02-01 17:26:46 +01:00
mmetc af14f1085f
refact "cscli <itemtype>" (#2782) 2024-02-01 17:26:06 +01:00
mmetc e6f5d157b8
refact "cscli hub" (#2800) 2024-02-01 17:25:29 +01:00
mmetc 785fce4dc7
refact "cscli alerts" (#2778) 2024-02-01 17:24:00 +01:00
mmetc 17db4cb970
refact "cscli machines" (#2777) 2024-02-01 17:22:52 +01:00
mmetc 4192af30d5
refact "cscli bouncers" (#2776) 2024-01-31 12:40:41 +01:00
mmetc 6507e8f4cd
cscli: don't print use_wal warning (#2794) 2024-01-30 11:07:53 +01:00
mmetc 91b0fce955
option to override hub url template. for testers only. (#2785) 2024-01-25 12:53:20 +01:00
mmetc 8c75efdb2a
lint: disallow naked returns (#2771) 2024-01-24 17:31:34 +01:00
mmetc f75cdeb239
lint: enalble linter "wastedassign" (#2772) 2024-01-24 17:31:11 +01:00
mmetc 455acf7c90
lapi/papi: when receiving alerts, log and discard invalid addr/range (#2708) 
https://github.com/crowdsecurity/crowdsec/issues/2687
 2024-01-22 12:24:26 +01:00
Thibault "bui" Koechlin 19d36c0fb2
Support console options in console enroll (#2760) 
* make dev.yaml has a valid/default console path

* simplify and make more consistent help message about console opts

* allow enroll to specify options to enable

* allow 'all' shortcut for --enable
 2024-01-19 15:49:00 +01:00
blotus 421ef3bf9c
add cpu-profile flag (#2723) 2024-01-16 11:40:29 +01:00
Thibault "bui" Koechlin 6ca053ca67
fix #2720 #2719 (#2724) 
* fix order of display of parsers

* add a --no-clean opt
 2024-01-15 09:16:03 +01:00
mmetc 0ef5f20aa7
bin/crowdsec: avoid writing errors twice when log_media=stdout (#2729) 
* bin/crowdsec: avoid writing errors twice when log_media=stdout
* lint
 2024-01-12 14:44:09 +01:00
mmetc fca8883cd9
cscli capi status -> message for missing credentials (#2730) 
* cscli capi status -> message for missing credentials
* lint
 2024-01-12 14:41:36 +01:00
mmetc 260f5a7992
pkg/cwhub: improve error messages (#2712) 
* pkg/cwhub: improve error messages
* lint
 2024-01-11 10:28:58 +01:00
mmetc f306d59016
logging: full timestamp with timezone in crowdsec.log (#2707) 
RFC3339 = "2006-01-02T15:04:05Z07:00" (same as /var/log/syslog)
 2024-01-08 21:20:25 +01:00
AlteredCoder bd47dac6a3
Fix #2697 (#2702) 
* Print also sec lang rules in cscli inspect
 2024-01-08 16:44:05 +01:00
blotus 5d5a1117e1
Send installed appsec rules as part of the scenarios on login (#2704) 2024-01-08 14:33:53 +01:00
Sebastien Blot ecd1a8bfed
Revert "Send installed appsec rules as part of the scenarios on login" 
This reverts commit f99f003a50.
 2024-01-08 10:54:39 +01:00
Sebastien Blot f99f003a50
Send installed appsec rules as part of the scenarios on login 2024-01-08 10:54:07 +01:00
mmetc a504113186
lint (wsl) (#2692) 2024-01-03 10:55:41 +01:00
mmetc ca784b147b
test and log fixes (#2690) 
* cscli inspect: suggest --diff if an item is tainted
* appropriate warning, or error if context configuration file is empty
* fix user/group lookup unit test
* fix: allow hub upgrade --force with local items
* fix pkg/parser lookup for 8.8.8.8
* fix func test
* fix hubtests: machines add --force
 2024-01-03 09:33:52 +01:00
Laurence Jones bc9bfa81b2
[notifications] fix segfault because url is not loaded (#2679) 2023-12-21 12:27:34 +00:00
Laurence Jones 2212c2f847
[notifications] Fix bug, list show non active (#2678) 
* Fix bug, show non active notifications and sort based on profiles

* diff fix
 2023-12-21 11:16:54 +00:00
blotus 33e3fdabe4
Appsec additional fixes (#2676) 2023-12-21 11:51:04 +01:00
mmetc 6e34d609b7
cscli: silence cwhub logger for non-hub related commands (#2675) 2023-12-19 17:20:09 +01:00
mmetc 08694adf1b
lint (errorlint) (#2644) 2023-12-18 09:35:28 +01:00
mmetc a79fcaf378
Add "taintedBy" and "--diff" flag to cscli... inspect (#2665) 
* "cscli inspect" reports tainted sub-items
* cscli... inspect --diff
* unified diff
* option --diff --rev
* tainted message
* correctly report multiple taint reasons
 2023-12-15 15:27:22 +01:00
mmetc a851e14c88
improve deprecation message with file location (#2662) 
* better "lapi context" messages
* func tests: include all items in hub_purge_all
* docker + tests: update yq
 2023-12-14 16:11:11 +01:00
AlteredCoder a941576acc
Improvement to run hubtest for appsec in docker (#2660) 2023-12-14 16:05:16 +01:00
mmetc 67cdf91f94
Short build tag in version number (#2658) 
* use short commit hash in version number
* var -> const
* cscli: extract version.go, doc.go
* don't repeat commit hash in version number
 2023-12-14 09:16:38 +01:00
Thibault "bui" Koechlin 51f70e47e3
Minor improvements to hubtest and appsec component (#2656) 2023-12-13 17:45:56 +01:00
mmetc 12d9fba4b3
cscli machines: lint + write output to stdout instead of log (#2657) 
* feedback on stdout, not log.Info
* rename parameters to silence warnings from "unusedparams"
* debian postinst: skip duplicate warnings with 'cscli machines add'
* rpm postinst: skip duplicate warnings in 'cscli machines add'
* update func tests
* debian prerm: if dashboard remove fails, explain it's ok
* debian prerm: suppress warnings about wal, capi when attempting to remove the dashboard
* wizard.sh: log format like crowdsec
 2023-12-13 15:43:46 +01:00
Laurence Jones b1c9717e21
[http plugin] Add capath, certpath, keypath to load custom certs (#2634) 
* Add cacert, certpath, certkey to http plugin to load custom cetificates

* rename func to get tls client as it doesnt make sense calling it api

* Fix is capath is empty we should return the current certificates

* Remove comment
 2023-12-12 10:36:45 +00:00
mmetc c10aad79d9
cscli refact / encapsulate methods for capi, hubtest, dashboard, alerts, decisions, simulation (#2650) 2023-12-11 10:32:54 +01:00
blotus 04f3dc09f9
remove PAPI feature flag (#2601) 2023-12-08 14:55:45 +01:00
mmetc 84cbff16d4
restrict file permissions from "machines add" (#2648) 2023-12-08 10:51:15 +01:00
mmetc 4acb4f8df3
cwhub: context type (#2631) 
* add hub type "context"
* cscli lapi: log.Fatal -> fmt.Errorf; lint
* tests for context.yaml
* load console context from hub
* original & compiled context
* deprecate "cscli lapi context delete"
$ cscli lapi context delete
Command "delete" is deprecated, please manually edit the context file.
* cscli completion: add appsec-rules, appsec-configs, explain, hubtest
 2023-12-07 16:20:13 +01:00
mmetc 3e86f52250
cscli refact - encapsulation with types (#2643) 
* refactor type cliHub, cliBouncers, cliMachines, cliPapi, cliNotifications, cliSupport, type cliExplain
 2023-12-07 14:36:35 +01:00
Thibault "bui" Koechlin 8cca4346a5
Application Security Engine Support (#2273) 
Add a new datasource that:
- Receives HTTP requests from remediation components
- Apply rules on them to determine whether they are malicious or not
- Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios)

The PR also adds support for 2 new hub items:
- appsec-configs: Configure the Application Security Engine (which rules to load, in which phase)
- appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang)

---------

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
 2023-12-07 12:21:04 +01:00
mmetc 90d3a21853
CI: use go 1.21.5 (#2640) 
* use go 1.21.5
* Simpler go:build directives
 2023-12-06 12:38:36 +01:00
mmetc 1ab4487b65
cscli hub list: show only non-empty tables with -o human 
* agent config: remove unused LintOnly bool
* Item.IsLocal() -> Item.State.IsLocal(); split method InstallStatus()
* cscli hub list: show only non-empty tables with -o human
 2023-12-05 13:38:52 +01:00
mmetc 486f96e7ac
cscli context detect: fix nil dereference (#2635) 
* cscli context detect: fix nil dereference
* Remove log.warning for missing pattern
 2023-12-05 12:08:35 +01:00
mmetc 0f3ae64062
cscli config show: pretty print with package "litter" (#2633) 2023-12-05 10:38:21 +01:00
mmetc 23968e472d
Refact bouncer auth (#2456) 
Co-authored-by: blotus <sebastien@crowdsec.net>
 2023-12-04 23:06:01 +01:00