beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1372 commits 83 branches 177 tags 151 MiB
Commit graph

584 commits

Author SHA1 Message Date
Thibault "bui" Koechlin 718721b341
fix a confusing debug message (#2386) 
* fix a confusing debug message

* make CTIHelper simply log the error to avoid failing template rendering
 2023-07-28 09:52:21 +02:00
mmetc 5cb7013575
Check cscli preconditions with crowdsec-cli/require package (#2388) 2023-07-27 17:02:20 +02:00
mmetc a01ce18b98
replace imports of path with path/filepath (#2330) 2023-07-26 10:29:58 +02:00
Laurence Jones 389ea4293f
Add metabase version override and update (#2370) 
* Add version override and update

* Ooppsie

* Quick fix

* fgs copilot

* Allow user to overwrite image, add warning for exposing metabase and general cleanup

* One ix

* Default image if not found in config, and add a warning to remove and update

* Reorder check system memory checks so it inline with @mmetc best pratices

* No need for err

* Clean up some group code

* Change ipv6 as [] seems to wildcard

* Split loopback warn and disclaimer. Add force yes to start to allow user to accept disclaimer by default

* All cmd commands are RunE clean up

* Update flag name and dont allow a shorthand
 2023-07-25 14:21:25 +01:00
mmetc 395cace69f
fix double push of metrics by properly handling tickers (#2374) 2023-07-25 12:19:26 +02:00
blotus 7106d396dc
expose the FormatAlert function to other packages (#2248) 2023-07-25 09:55:39 +02:00
AlteredCoder b52b4252c1
scenario labels to map string interface (#2201) 
* labels are now map string interface

* restore api url

---------

Co-authored-by: Laurence Jones <laurence.jones@live.co.uk>
 2023-07-24 15:19:28 +02:00
mmetc 46fff0b544
Update dependency: docker/docker (#2360) 2023-07-24 11:53:33 +02:00
mmetc b6b6fd026b
typo fix, uppercase 'API', adjusted log level (#2361) 2023-07-21 23:23:24 +02:00
Manuel Sabban 9ac5aeda79
fix the ci by adding the ability to enforce event ordering (#2347) 
* fix the ci by adding the ability to enforce event ordering
 2023-07-20 11:41:30 +02:00
blotus f9ca14f010
add object key in src for S3 acquis (#2342) 2023-07-07 10:09:18 +02:00
blotus 1295de928a
Properly match new files on windows when doing file acquisition (#2329) 2023-07-06 14:45:38 +02:00
mmetc c10bca93df update dependencies on go-plugin and go-hclog (#2341) 
* update dependencies on go-plugin and go-hclog
* bump logrus (panic fix)
* implement HCLogAdapter.Getleve() to satisfy the new interface
 2023-07-06 12:01:07 +02:00
mmetc 9967d60987
errors.Wrap -> fmt.Errorf (#2333) 2023-07-06 10:14:45 +02:00
mmetc 17cd792826
CI: update ansible tests for re2 (#2318) 2023-06-29 16:35:19 +02:00
mmetc bd41f855cf
errors.Wrap -> fmt.Errorf (#2317) 2023-06-29 11:34:59 +02:00
blotus e61d5a3034
rename status to state in fire response (#2313) 2023-06-29 11:06:49 +02:00
mmetc 893394ef5f
rename metabase APIClient to avoid confusion (#2305) 2023-06-27 15:07:16 +02:00
mmetc e404e0b608
raise error with invalid 'on_success', 'on_failure' in profile (#2303) 2023-06-27 15:03:07 +02:00
mmetc 85839b0199
support for stdin with "cscli decision import" and raw values (#2291) 
and remove Origin from the struct, which was ignored anyway
 2023-06-27 14:29:42 +02:00
mmetc a910b7beca
non-fatal error if some datasource can't be run (i.e. journalctl but systemd is missing) (#2309) 
This on the other hand, gives a new fatal error when there are no valid datasources.
In the previous version, crowdsec kept running with just a warning if no
acquisition yaml or dir were specified.
 2023-06-27 10:13:13 +02:00
mmetc 507da49b5a
send metrics immediately if agents are added or removed (#2296) 2023-06-23 14:06:04 +02:00
mmetc 9beb5388cb
errors.Wrap -> fmt.Errorf; clean up imports (#2301) 2023-06-23 14:04:58 +02:00
mmetc e42841cd00
Change api_key encoding to base64 to comply with bcrypt max size (#2302) 2023-06-23 13:54:36 +02:00
mmetc 62caffb102
update leakybucket readme (#2298) 2023-06-22 15:35:01 +02:00
mmetc fddf597040
errors.Wrap -> fmt.Errorf; clean up imports (#2297) 2023-06-22 15:01:34 +02:00
mmetc 8bfeb7d90d
Update go dependencies (#2293) 
- update fatih/color (fix windows issue)
- update mongo-driver (fix build issue)
- go.mod: merge two "require" blocks
- update semver dependency (same version as indirect dep), fix test checks in cscli setup
- remove gotest.tools dependency (use testify, cstest)
- update x/ exp, mod, sys dependencies
 2023-06-22 11:31:41 +02:00
Emanuel Seemann 40e6b205bc
Add bayesian bucket type (#2290) 2023-06-21 15:08:27 +02:00
mmetc da6106bd23
spellcheck/style leakybucket readme (#2294) 2023-06-21 11:47:07 +02:00
mmetc f7409d47be
fix error message when failing to parse ip address (#2292) 
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
 2023-06-21 09:22:25 +02:00
Laurence Jones 2c8769adf6
Update jsonextract.go (#2287) 
Return nil instead of empty string as ParseKV does the same
 2023-06-16 18:34:55 +01:00
mmetc b9a3acb03f
light pkg/parser cleanup (#2279) 
* pkg/parser: clean up imports
* remove duplicate import
* simplify boolean expression
* don't check length before range
* if..else if.. -> switch/case
* errors.Wrap -> fmt.Errorf
* typo, lint
* redundant break
 2023-06-13 13:16:13 +02:00
mmetc 76429f033a
trim pkg/types: move DataSet/GetData to pkg/cwhub, removed unused Clone function (#2271) 2023-06-08 16:49:51 +02:00
mmetc cf747d65e0
fix missing import (#2275) 2023-06-08 15:49:37 +02:00
mmetc 25bb23d8b7
minor refactor to pkg/types, cscli machines (#2270) 
* cleanup: separate ui and logic
* trim some code from pkg/types
 2023-06-08 15:08:51 +02:00
mmetc 6096cb3c9b
Move grok_pattern.go away from pkg/types to trim bouncer dependencies (#2269) 2023-06-08 15:07:30 +02:00
mmetc 8da9d5eefd
don't log notification error if not running under systemd (#2274) 2023-06-08 15:04:48 +02:00
mmetc 5b3200173e
don't pre-create log files (not required anymore) (#2267) 
The lumberjack package fixed the issue in natefinch/lumberjack#83 (tested with umask 002) and this code is now redundant since we updated the dependency to v2.2.1.
 2023-06-07 12:58:35 +02:00
mmetc edd062522d
build against libre2-dev if found (#2255) 2023-06-06 15:46:25 +02:00
mmetc 3cc6b2c0d0
CI: add tests for metrics configuration (#2251) 2023-06-05 23:17:30 +02:00
mmetc 0191faf3a8
update notif threshold test on windows (#2265) 2023-06-05 22:58:13 +02:00
mmetc e3cb4ab2c4
do not send more than group_threshold alerts at once to a notification plugin (#2264) 
* do not send more than group_threshold alerts at once to a notification plugin
* Use generic Chunks function, updated tests

---------

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2023-06-05 12:55:03 +02:00
mmetc a4eee41fd7
log.Warning if a notification is configured twice (#2240) 2023-06-02 14:41:50 +02:00
mmetc 396dcf8e6e
dependencies: replaced function calls to pkg/types, errors.Wrap (#2235) 
we now use a generic pointer function, and slowly remove the deprecated pkg/errors
 2023-06-01 16:31:56 +02:00
mmetc 12c32d507c
CI: refactoring pkg/csplugin tests (#2247) 2023-06-01 10:33:08 +02:00
mmetc 92a9d6c321
types.InSlice() -> slices.Contains() (#2246) 2023-05-31 12:39:22 +02:00
Laurence Jones 4fbc3402fb
Update KV ignore whitespace before and after = (#2236) 
* Update KV ignore whitespace before and after `=`

* Update helpers.go

Don't need whitespace infront of KEY

* Add some tests to ensure edge cases

* Ensure quoted and unquoted values act the same
 2023-05-26 15:35:46 +01:00
blotus 6720d89845
fix lock when dumping the parsing state in explain mode (#2234) 2023-05-26 15:23:50 +01:00
blotus f6924f8c57
generate asserts for evt.Unmarshaled in hubtest (#2214) 2023-05-26 11:44:58 +02:00
mmetc 9167bd107d
decouple bouncer dependencies: use go-cs-lib/pkg/ptr (#2228) 2023-05-25 15:43:39 +02:00