beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
594 commits 83 branches 177 tags 151 MiB
Commit graph

594 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thibault "bui" Koechlin 8b0527bf9d
add evt. (#1045) 2021-11-03 15:17:48 +01:00
mmetc 7ca3625706
removed legacy cron script (#1040) 2021-11-02 17:00:03 +01:00
AlteredCoder fb54388e93
Fix issue 1033 (#1034) 
* Fix issue 1033
 2021-11-02 12:16:33 +01:00
Thibault "bui" Koechlin d1ce543440
Improve explain (#1039) 
* improve explain feature

* nicer display for details, --verbose in favor of --debug for details
 2021-11-02 12:06:01 +01:00
Shivam Sandbhor cbada3d435
Allow using cloudwatch using iam role instead of hardcoded tokens (#1035) 2021-11-02 10:25:35 +01:00
Shivam Sandbhor 4bf996a716
Make docker start executable (#1031) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-11-02 10:24:30 +01:00
mmetc f10187bd6d
typos (#1036) 2021-11-02 09:19:22 +01:00
mmetc 4708b509e6
.gitignore plugin binaries (#1037) 2021-11-02 09:19:10 +01:00
Shivam Sandbhor 9034bb7919
Allow user to specify key for bouncers. (#1026) 
* Allow user to specify key for bouncers.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-11-02 08:37:51 +01:00
Thibault "bui" Koechlin 2b2a11fec7
Extra syslog debug (#1030) 
* extra logging
 2021-11-01 20:55:03 +01:00
Thibault "bui" Koechlin 02886140a7
add a --key to cscli config show (#1029) 
* add a --key to cscli config show
 2021-10-28 09:32:59 +02:00
AlteredCoder cf57c89177
add name and alias in cscli console enroll (#950) 
* add name and alias in cscli console enroll
 2021-10-26 15:33:17 +02:00
blotus 0d46890d6b
add --limit parameter to cscli decisions list (#1025) 2021-10-26 13:33:59 +02:00
blotus 25a2d528b0
Alerts flush: Optimization of the flush mechanism (batch and limit to one job) + add cscli alerts flush command (#1024) 
- Don't allow running more than one alert flush job at a time to prevent runaway CPU usage in some case. (fix High CPU after Upgrade to 1.2.0 #1022)
 - Add a cscli alerts flush command to manually flush the alerts in the database (fixes Improvement/Manual flush mechanism #1023 ).
 - Enable cascading deletion on alerts as we upgraded ent: Deleting an alert in the database will automatically delete all related decisions, events and meta
 - Add an index on alerts.id to try to improve flush performance with very big sqlite database.
- Flush alert now operates in batch
 2021-10-26 13:33:45 +02:00
Thibault "bui" Koechlin 76a80380e7
don't wait on tomb if no datasources were started (#1019) 2021-10-24 11:07:45 +02:00
Thibault "bui" Koechlin 3f99330b3d
Entgo 0.9 (#1018) 
* update entgo & sqlite to latest version

* schema update
 2021-10-22 16:15:57 +02:00
blotus 66919924d3
don't attempt to start crowdsec if LAPI has been disabled with debconf (#1016) 2021-10-22 10:49:44 +02:00
Shivam Sandbhor a7b1c02bd5
Fix bugs in cloudwatch acq (#991) 
* Fix bugs in cloudwatch acq

- Fix concurrent writes to map streamIndexes
- Fix multiple cases of modifying while iterating on slice.
- Fix order of fetching cloudwatch events.
- Remove `startup` hack.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Fix cloudwatch tests

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-10-22 10:35:05 +02:00
Manuel Sabban 0d075f32cd
fix perms in package installation (#1012) 
* fix perms

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2021-10-22 10:14:15 +02:00
mmetc b6bce96350
remove plugins with "make clean" (#1015) 2021-10-22 10:12:27 +02:00
he2ss 4d4d6d802c
fix #1008 + regenerate localhost credentials on start (#1009) 2021-10-14 17:02:38 +02:00
Thibault "bui" Koechlin 3bb2128bf4
fix sort :/ (#1007) 2021-10-12 19:16:24 +02:00
Thibault "bui" Koechlin 1bd6b8f7b9
Multiple fixes (#1006) 
* fix #1005 : timestamp in trigger timemachine buckets

* attempt at consistent bucket order for hubtest
 2021-10-12 14:09:17 +02:00
Thibault "bui" Koechlin 2961a0ed02
ensure machineID is included early enough into the alert (#1004) 2021-10-11 15:02:16 +02:00
AlteredCoder 203be9bfbf
fix typo in cscli help command (#1001) 
* fix typo in cscli help command

* Update hubtest.go
 2021-10-08 16:53:02 +02:00
blotus 2bc9f33e12
add ParseUri() expr helper (#994) 2021-10-08 16:50:31 +02:00
alteredCoder 6bd80dbb86 update hubtest workflow 2021-10-07 16:45:28 +02:00
AlteredCoder cc653ce0d7
Update README.md 2021-10-07 15:04:53 +02:00
AlteredCoder 3b4c773890
fix hubtest CI (#1000) 2021-10-05 12:13:57 +02:00
AlteredCoder 0ccc69696b
Break on success when alert already has decision (#997) (#999) 
* Break on success when alert already has decision (#997)

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2021-10-05 11:30:34 +02:00
alteredCoder 079172568a fix the CI coverage generation 2021-10-05 10:19:19 +02:00
alteredCoder 5c7f873e18 fix the coverage badge generation 2021-10-05 10:15:12 +02:00
alteredCoder 1e200d99d8 fix hubtest CI for coverage 2021-10-05 10:02:59 +02:00
alteredCoder 285351f4f9 fix hubtest CI for coverage 2021-10-05 09:56:18 +02:00
AlteredCoder 37eedce72e
add functionnal test for hubtest (#996) 
* add hubtest in functionnal test
 2021-10-05 09:52:55 +02:00
alteredCoder de87d0d951 fix badge coverage generation 2021-10-04 18:07:36 +02:00
Thibault "bui" Koechlin af4bb350c0
hubtests revamp + cscli explain (#988) 
* New hubtest CI for scenarios/parsers from the hub
 * New `cscli explain` command to visualize parsers/scenarios pipeline

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Cristian Nitescu <cristian@crowdsec.net>
 2021-10-04 17:14:52 +02:00
Thibault "bui" Koechlin c2fd173d1e
fix node success logic (#993) 
* fix node success logic : only fail node on child failure if mother node has no successfull grok
 2021-09-28 17:58:07 +02:00
he2ss fb308d5596
fix plugins logging in right level (#990) 2021-09-28 14:44:21 +02:00
he2ss db5ffb0040
Update test env (#987) 
* update test_env
 2021-09-24 18:06:30 +02:00
Cristian Nitescu 9d2cd58f31
#975 Mysql default parser: parse also lines with using password NO (#976) 2021-09-24 10:49:49 +02:00
blotus f0db3742de
fix usage of regex.Match in cloudwatch module (#986) 2021-09-23 13:52:05 +02:00
blotus bd5c119f85
update golang.org/x/sys dep (#983) 2021-09-21 17:06:40 +02:00
blotus e92862213e
allow coveralls job to fail, as it is down :( (#984) 2021-09-21 12:45:38 +02:00
he2ss 990599a0b5
update docker entrypoint script (#982) 2021-09-21 10:54:05 +02:00
Shivam Sandbhor d10b5e2aa2
Update README.md (#974) 2021-09-15 15:43:01 +02:00
blotus 0ecfe75687
default to current GOOS in makefile (#973) 2021-09-14 15:42:34 +02:00
Thibault "bui" Koechlin f5e54083c7
fix static build (#971) 
* fix static build
 2021-09-14 15:32:35 +02:00
Manuel Sabban 6b5f272c0a
Func tests (#970) 
* stabilize func tests
* fix cold logs func tests
* add wait condition on mock server

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2021-09-13 17:33:47 +02:00
he2ss ff400c9bca
fix docker image + install whitelists on build (#968) 
* fix docker image + install whitelists on build
 2021-09-13 10:48:48 +02:00