beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1425 commits 83 branches 177 tags 151 MiB
Commit graph

14 commits

Author SHA1 Message Date
Laurence Jones b8e6bd8c9a
[Explain] s02 can cause panic if empty (#2486) 
* Add parsers length check as it can panic is enrich is empty

* Lets get smarter and loop backwards to find last successful stage

* Shorten code

---------

Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
 2023-09-29 12:03:56 +01:00
Thibault "bui" Koechlin 8f6659a2ec
fix the float comparison by using Abs(a,b) < 1e-6 approach (IEEE 754). Move the initializiation of expr helpers (#2492) 2023-09-28 17:22:00 +02:00
Laurence Jones 37c0c067a8
cscli hubtest whitelist (#2479) 
* Initial tests

* Always print whitelist as we can compare if we mess up the opposite way
 2023-09-20 16:42:19 +01:00
Manuel Sabban 9ac5aeda79
fix the ci by adding the ability to enforce event ordering (#2347) 
* fix the ci by adding the ability to enforce event ordering
 2023-07-20 11:41:30 +02:00
mmetc bd41f855cf
errors.Wrap -> fmt.Errorf (#2317) 2023-06-29 11:34:59 +02:00
mmetc 6096cb3c9b
Move grok_pattern.go away from pkg/types to trim bouncer dependencies (#2269) 2023-06-08 15:07:30 +02:00
blotus f6924f8c57
generate asserts for evt.Unmarshaled in hubtest (#2214) 2023-05-26 11:44:58 +02:00
Laurence Jones 9a5a937695
Make it more obvious that parser succeeded but was whitelisted (#2167) 
* Make it more obvious that parser succeeded but was whitelisted

* Add more verbose by placing whitelist reason next to why it is ignored
 2023-04-12 10:48:42 +01:00
blotus 1095f6c875
use expr.Function for custom functions instead of passing them in the env (#2133) 2023-03-28 10:49:01 +02:00
Laurence Jones 75d8b821ff
Explain successful parsers only (#2063) 
* Add option to filter down explain to successful parsers useful for me who has every collection installed

* Altered naming conventions so it makes more sense when reading
 2023-02-24 13:49:17 +00:00
Laurence Jones 5aca11af70
Show s00 stats instead of "first_parser" (#2055) 
* show s00 if verbose is provided

* Clean up code

* Fix failing test
 2023-02-14 14:36:08 +00:00
Thibault "bui" Koechlin e4463c412b
Improve warnings around lack of evt.StrTime field (#1954) 
* fix #1951 : improve error messages

* make hubtest warn you if you're missing evt.StrTime in your logs
 2022-12-29 15:03:32 +01:00
mmetc 895691dad1
enabled linters: gocritic, nilerr (#1853) 2022-11-07 10:36:50 +01:00
mmetc a96b3e077d
rename pkg/cstest -> pkg/hubtest (#1811) 
keep cstest for generic helper functions
this also avoids circular imports in test files
 2022-10-17 09:24:07 +02:00