beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
1271 commits 83 branches 177 tags 151 MiB
Commit graph

80 commits

Author SHA1 Message Date
mmetc 534328ca30
decouple bouncer dependencies: use go-cs-lib/pkg/* (#2216) 
* decouple bouncer dependencies: use go-cs-lib/pkg/trace
* decouple bouncer dependencies: use go-cs-lib/pkg/version
* decouple bouncer dependencies: use go-cs-lib/pkg/yamlpatch
* decouple bouncer dependencies: use go-cs-lib/pkg/csstring
* unused import
 2023-05-23 10:52:47 +02:00
blotus 2701454f23
defaults to inotify to detect changes in file datasource to avoid too many call to stat() (#2181) 2023-05-09 10:03:55 +02:00
blotus 0279e549bd
check if the acquis tomb is dying while processing logs in replay mode for file/s3/docker (#2152) 2023-04-04 13:57:06 +02:00
mmetc 3132aa54b7
Properly load k8s audit configuration (#2158) 2023-04-03 21:55:31 +02:00
mmetc 3fa555fb25
Rename k8s_audit to k8s-audit (easier to type, consistent with labels) (#2153) 2023-04-03 09:53:38 +02:00
blotus 61bea26486
Add transform configuration option for acquisition (#2144) 2023-03-29 16:04:17 +02:00
blotus 1095f6c875
use expr.Function for custom functions instead of passing them in the env (#2133) 2023-03-28 10:49:01 +02:00
mmetc d769fff1e8
File acquisition: log "file reopen" events instead of writing to stderr (#2139) 2023-03-24 11:24:36 +01:00
blotus dc38e5ac00
S3 acquisition datasource (#2130) 2023-03-21 13:54:52 +01:00
Thibault "bui" Koechlin 618be9ff68
properly update the time structure within event (#2122) 
* properly update the time structure within event to ensure it works in time-machine

* move LIVE and TIMEMACHINE to pkg/types : less code needs to import leakybucket package, and we avoid duplicating constants
 2023-03-16 16:25:50 +01:00
Manuel Sabban b451d190b7
try to make reproducible build work (#2119) 
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2023-03-13 17:26:33 +01:00
mmetc e161507d08
Lint (type inference): remove redundant type declarations (#2111) 2023-03-09 11:56:02 +01:00
mmetc ba4396e52c
fix flaky parser unit test (#1985) 2023-01-12 17:03:25 +01:00
mmetc 2d81e751a1
fix parser test 2k23 (#1971) 2023-01-04 15:46:16 +01:00
mmetc ff88faf402
updated localstack dependencies, added build cache 2022-12-21 12:20:01 +01:00
blotus fdda940ac0
Add Kubernetes audit acquisition (#1767) 2022-12-06 13:47:29 +01:00
mmetc 4a6a9c4355
acquisition: validate datasources before configuration (static checks) (#1841) 
* acquisition: validate datasources before configuration (allow static configuration checks)

* remove comment

* import reviser, format

* error wrap
 2022-11-30 17:36:56 +01:00
mmetc 104f5d1fe6
lint: error handling cleanup (#1877) 2022-11-29 09:16:07 +01:00
mmetc 895691dad1
enabled linters: gocritic, nilerr (#1853) 2022-11-07 10:36:50 +01:00
mmetc 02d2eab18c
update golangci-lint to 1.50 and fixes (#1828) 2022-10-26 15:11:37 +02:00
mmetc 2088bb1f91
fix for #1839 (#1840) 2022-10-26 11:02:12 +02:00
mmetc 2b7e3ff1e7
warn if no acquisition files are found, acquisition_test refactoring, tests (#1816) 2022-10-17 17:32:08 +02:00
mmetc ec0d2a5ed2
refactor broker_test.go, extract cstest/filenotfound*.go (#1815) 2022-10-17 14:17:23 +02:00
mmetc 1d9f861f28
unit tests: always capture testcase variable -> allow parallel testing (#1797) 2022-10-10 10:48:26 +02:00
Manuel Sabban 83841d801c
fork dlog to ease debian packaging on official repos (#1790) 
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
 2022-10-06 13:40:31 +02:00
Shivam Sandbhor 65c0b9ebcf
Simplify one shot tests (#1786) 2022-10-06 11:57:26 +02:00
Shivam Sandbhor b203b3f444
Fix flakey test in file_tests (#1783) 
Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
 2022-10-05 16:40:09 +02:00
mmetc 6120571421
fix & cleanup cloudwatch_test.go (#1780) 2022-10-04 09:48:59 +02:00
mmetc edced6818a
cleanup + fix flaky tests in file_test.go, apic_test.go (#1773) 2022-09-30 16:01:42 +02:00
blotus bfbe180101
Tighten windows sqlite database permissions (#1769) 2022-09-28 16:18:00 +02:00
Laurence Jones 21e5b0d6d0
Improvement: Docker one shot error message (#1666) 
* In one shot, user would only specify one container?
 2022-09-27 16:20:30 +02:00
Thibault "bui" Koechlin 9d199fd4a9
fix #1733 : add support for exclusion regexps (#1735) 
* allow to specify a list of regular expressions to skip some specific files
 2022-09-06 14:58:37 +02:00
mmetc 414282a2c9
golangci-lint 1.49 and related fixes (#1736) 2022-09-06 13:55:03 +02:00
he2ss ea40ffd655
Datasource/kafka (#1698) 
* add Kafka datasource
 2022-08-30 17:03:45 +02:00
blotus 1f5224b74b
switch to go 1.19 (#1709) 2022-08-26 13:31:49 +02:00
blotus 7b8cd63b04
do not set the UDP read buffer size in syslog datasource (#1657) 2022-07-13 10:18:03 +02:00
mmetc 628d7be1d8
simplify err.Error() to err when used in printf context (#1603) 2022-06-22 15:53:53 +02:00
mmetc 10585bfecc
enabled linters and fixes for: misspell, predeclared, unconvert, ineffassign, gosimple, govet (#1595) 2022-06-16 14:41:54 +02:00
blotus bdda8691ff
New syslog parser for syslog datasource (#1554) 2022-06-08 15:16:58 +02:00
mmetc 799cc82bb5
functional tests, minor refactoring and lint/cleanup (#1570) 
* cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument
* updated golangci-lint to v1.46
* lint/deadcode: fix existing issues
* tests: cscli config backup/restore
* tests: cscli completion powershell/fish
* err check: pflags MarkHidden()
* empty .dockerignore (and explain the reason)
* tests, errors.Wrap
* test for CS_LAPI_SECRET and minor refactoring
* minor style changes
* log cleanup
 2022-06-06 15:24:48 +02:00
mmetc 1fc9587919
fix #1283: update and enable error reports from golangci (#1523) 2022-05-25 22:27:50 +02:00
blotus 0449ec1868
Windows Support (#1159) 2022-05-17 12:14:59 +02:00
blotus 392708a804
Fix docker flaky test (#1494) 2022-04-29 12:16:49 +02:00
Greg Myers 0f4ab71f01
Fix typos in docs, comments, code (#1483) 2022-04-27 11:04:12 +02:00
blotus 1bd8cc79c8
Kill the whole docker acquis in tests (#1475) 2022-04-22 16:56:22 +02:00
blotus 8909fbdb22
cleanup container state if the reader tomb dies by itself (#1470) 2022-04-22 10:52:44 +02:00
Thibault "bui" Koechlin 242706a475
fix journalctl deadlock on shutdown (#1468) 
* avoid being locked sending termination error while the reading routine - on the chan - died
 2022-04-21 14:02:25 +02:00
blotus 9cf2d5ab5c
handle containers with TTY in docker acquis (#1422) 2022-04-05 10:31:36 +02:00
mmetc 4e6b9597f8
fix for https://staticcheck.io/docs/checks#SA2002 (#1334) 2022-03-10 13:53:33 +01:00
Shivam Sandbhor c3dbe0080c
Exit syslog acquis only after server is dead (#1288) 2022-03-01 11:32:28 +01:00