- Don't allow running more than one alert flush job at a time to prevent runaway CPU usage in some case. (fix High CPU after Upgrade to 1.2.0 #1022)
- Add a cscli alerts flush command to manually flush the alerts in the database (fixes Improvement/Manual flush mechanism #1023 ).
- Enable cascading deletion on alerts as we upgraded ent: Deleting an alert in the database will automatically delete all related decisions, events and meta
- Add an index on alerts.id to try to improve flush performance with very big sqlite database.
- Flush alert now operates in batch
* New hubtest CI for scenarios/parsers from the hub
* New `cscli explain` command to visualize parsers/scenarios pipeline
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Cristian Nitescu <cristian@crowdsec.net>
* avoid this confusing behaviour where 'cscli parsers/scenarios/... upgrade' won't tell a thing if no arguments are given (and won't do anything neither)
* avoid repeating warnings about available update to the user
* FreeBSD changes (#718)
* Update build Makefile to be able to build on other platforms
Split Makefiles to isolate every specifics per platform if specific file
is not found, the include will default to linux.
* Isolate linux specific messages emitted by crowdsec command line
On other platforms, we shouldn't write messages with `systemctl`
occurrences. This commit isolate the specific messages and ensure the
messages are relevant for the given platform according result of `GOOS`.
* remove the test
Co-authored-by: Sofian Brabez <sbz@6dev.net>
Co-authored-by: AlteredCoder <AlteredCoder>
* get rid of dead code
* have LeakRoutined started in a tomb
* fix race and multiple small issues in the way we handle tombs
* yet another race fix
* another race
* get rid of leaky.KillSwitch for proper tomb use
* fix deadlock
* empty overflow before exiting
* fix an obvious typo
* proper use of waitgroup
* have a smart signalisation for allowing LeakRoutine being killed
* ugly workaround
* fix lint error
* fix compilation
* fix panic
* shorten lock
* up lock both copy
* wait for crowdsec to die
* fix coding style and lint issue
* go mod tidy
Co-authored-by: bui <thibault@crowdsec.net>
* allow a acquisition_dir in crowdsec's config + change the behaviour of config loading so that it's working with a list instead. keep backward compat with acquisition_path
* remove the default behaviour of 'guessing' acquis path if param isn't present, and error