beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
554 commits 83 branches 177 tags 151 MiB
Commit graph

50 commits

Author SHA1 Message Date
AlteredCoder 5ae69aa293
fix stacktrace when mmdb file are not present (#935) 
* fix stacktrace when mmdb file are not present
 2021-09-09 16:27:30 +02:00
blotus 7a1b955ad1
use our fork of grokky (#953) 2021-09-09 14:46:16 +02:00
ThinkChaos 448a227079
Minor changes to specific logs (#900) 
- Minor changes to specific logs
- Fix LAPI to not push signals to CAPI when disabled #907
 2021-08-25 18:30:05 +02:00
Manuel Sabban 4dbbd4b3c4
Download datafile (#895) 
* add the ability to download datafile on cscli hub upgrade on files are missing
* fix stuff + lint
* fix error management

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2021-08-19 09:08:20 +02:00
Thibault "bui" Koechlin 25ed1c265d
fix #885 : remove dead dependencies for plugin (#891) 2021-08-17 10:32:15 +02:00
Thibault "bui" Koechlin 7f0cac8ee6
add support for 'expression' (fix #822) in grok patterns (#830) 
* add support for 'expression' (fix #822) in grok patterns

* add tests
 2021-06-21 09:07:33 +02:00
Thibault "bui" Koechlin ce6a61df1c
Refactor Acquisition Interface (#773) 
* Add new acquisition interface + new modules (cloudwatch, syslog)

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
 2021-06-11 09:53:53 +02:00
registergoofy 7e9ce901a4
add TimeNow in the exprlib helpers (#756) 
* add TimeNow in the exprlib helpers
* add a default date when none is detected: when no date is recognised by ParseDate, then use time.Now()
 2021-04-16 19:13:48 +02:00
AlteredCoder 1e899c2211
Refactor configuration management (#698) 2021-03-24 18:16:17 +01:00
AlteredCoder 4166d9ff48
fix pattern registration (#715) 2021-03-22 17:17:24 +01:00
Thibault "bui" Koechlin 1938e1a62d
clarify doc on onsuccess in parsers + add new date formats for dateparse (#703) 2021-03-19 16:33:10 +01:00
Thibault "bui" Koechlin 0981aa98d8
Pattern syntax consistence (#675) 
* fix #667

* improved error message

* mark the compability, ordered pattern_syntax will be tagged as 'version 2'

* fix tests + add tests to check grok subpattern dependencies
 2021-03-10 18:27:21 +01:00
registergoofy 13881edbaa
export node logger (#537) 2020-12-14 14:12:22 +01:00
Thibault "bui" Koechlin dbb420f79e
local api (#482) 
Co-authored-by: AlteredCoder
Co-authored-by: erenJag
 2020-11-30 10:37:17 +01:00
AlteredCoder 3801dcc277 fix parser tests 2020-08-23 23:34:12 +02:00
Thibault "bui" Koechlin 1956f52be5
add a warning when a grok pattern ends with \n (#183) 2020-08-20 15:07:50 +02:00
Thibault "bui" Koechlin ceb69f0cef
documentation improvment (#182) 2020-08-07 09:40:43 +02:00
Thibault "bui" Koechlin 8128dcf61b
add more tests for pkg/parser (config loading) (#172) 2020-08-05 11:20:03 +02:00
AlteredCoder d8f0f5a3a9
Add debug expr (#168) 
* debug expr in node.go
* update documentation

Co-authored-by: AlteredCoder <AlteredCoder>
Co-authored-by: Thibault bui Koechlin <thibault@crowdsec.net>
 2020-08-03 12:21:15 +02:00
erenJag 89c8d1a527
rename metrics and update metrics helps (#152) 
* rename metrics and update metrics helps

* add meta info about crowdsec

Co-authored-by: erenJag <erenJag>
 2020-07-29 15:03:15 +02:00
erenJag 44304a30e7
fix #124 (#127) 
* fix #124
 2020-07-09 12:41:18 +02:00
Thibault "bui" Koechlin a0c1ca49d0
Doc : fix whitelists documentation + document data for parsers/scenarios + document expr helpers + link taxonomy (#126) 2020-07-08 10:58:20 +02:00
Thibault "bui" Koechlin 7691e5b663
re-enable postoverflows (#117) 
* re-enable postoverflows

* debug

* yoloooo

* remove debug

* remove error print

* fix test

* fix leakybucket test

* fix

Co-authored-by: AlteredCoder <AlteredCoder>
 2020-07-02 17:56:39 +02:00
AlteredCoder eef1847873
add whitelisted flag in signal occurence (#114) 2020-07-02 11:44:27 +02:00
Thibault "bui" Koechlin b9ae94b874
Sqlite : Support automatic db flushing (#91) 
* add support for sqlite retention : max_records, max_records_age

* reduce verbosity of cwhub
 2020-07-01 17:04:29 +02:00
AlteredCoder 2e30793188
Allow CrowdSec to start if geoip data are not downloaded (#92) 
* Allow CrowdSec to start if `geoip` data are not downloaded
 2020-06-25 12:36:01 +02:00
Thibault "bui" Koechlin 5446857377
Add crowdsec reload + cscli metrics minor improvements (#79) 2020-06-19 13:57:44 +02:00
Thibault "bui" Koechlin 64c5fa7360
CI: add a CI to test parsers (#67) 2020-06-10 12:14:27 +02:00
AlteredCoder 08c0167f15
fix debug (#58) 
Co-authored-by: AlteredCoder <AlteredCoder>
 2020-06-02 16:17:30 +02:00
Thibault bui Koechlin b51d666dcb type 2020-05-28 11:32:00 +02:00
Thibault bui Koechlin 87ff0883cf lower verbosity for this, give context to that 2020-05-28 11:32:00 +02:00
Thibault bui Koechlin 372d8680c3 unify loggers and improve the log message about groks when they're not called by name 2020-05-28 11:31:55 +02:00
Thibault bui Koechlin 3fa5122db7 only test directories 2020-05-28 11:28:49 +02:00
Thibault bui Koechlin 7657a0cc37 fix non unique grok name 2020-05-28 11:28:49 +02:00
Thibault bui Koechlin a199cd8b36 unify paths 2020-05-28 11:28:49 +02:00
Thibault bui Koechlin 7557ce8156 add 'in File(...)' tests for parsers and leakybuckets 2020-05-28 11:28:49 +02:00
Thibault bui Koechlin 6cb5ec0460 add a parser unit test using the 'in File(...)' construct 2020-05-28 11:28:49 +02:00
Thibault "bui" Koechlin 1abdfc9b10 make message better 2020-05-28 11:28:49 +02:00
Thibault bui Koechlin ed24638200 fix remark 2020-05-25 11:37:52 +02:00
Thibault bui Koechlin 1970a90813 debug is false in benchmark 2020-05-24 12:59:26 +02:00
Thibault bui Koechlin 88c72340e3 unique pattern names 2020-05-24 12:44:33 +02:00
Thibault bui Koechlin aa9badc70c reset stages 2020-05-24 12:41:45 +02:00
Thibault bui Koechlin d601e21afb working tests for json 2020-05-23 13:22:43 +02:00
Thibault bui Koechlin 32f32b41c7 add json support via expr helpers 2020-05-22 18:12:33 +02:00
Thibault bui Koechlin e643bb5b31 linter fixes, inefficient assignments 2020-05-20 17:50:56 +02:00
Thibault bui Koechlin e6cad40ac4 more linting fixes 2020-05-20 11:26:21 +02:00
Thibault bui Koechlin fe68914628 more linter fixes (simplicity mostly) 2020-05-20 11:00:25 +02:00
Thibault bui Koechlin db9e1e280d fix linter warnings : dead code, simplification 2020-05-20 10:49:17 +02:00
Thibault bui Koechlin 604b97a519 LGMT fixes + avoid capitalizing fmt.Errorf strings 2020-05-19 21:31:06 +02:00
Thibault bui Koechlin 2016167654 initial import 2020-05-15 11:39:16 +02:00