crowdsec

History

Thibault "bui" Koechlin 8cca4346a5 Application Security Engine Support (#2273 ) Add a new datasource that: - Receives HTTP requests from remediation components - Apply rules on them to determine whether they are malicious or not - Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios) The PR also adds support for 2 new hub items: - appsec-configs: Configure the Application Security Engine (which rules to load, in which phase) - appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang) --------- Co-authored-by: alteredCoder <kevin@crowdsec.net> Co-authored-by: Sebastien Blot <sebastien@crowdsec.net> Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com> Co-authored-by: Marco Mariani <marco@crowdsec.net>		2023-12-07 12:21:04 +01:00
..
appsec	Application Security Engine Support (#2273 )	2023-12-07 12:21:04 +01:00
cloudwatch	typos/grammar (#2561 )	2023-11-07 15:07:36 +01:00
docker	minor log message improvements (#2455 )	2023-09-12 11:04:56 +02:00
file	CI: use go 1.21.5 (#2640 )	2023-12-06 12:38:36 +01:00
journalctl	update dependency on go-cs-lib; drop the pkg/ part (#2393 )	2023-07-28 16:35:08 +02:00
kafka	Kafka acquisition: warn if no consumer group id and allow to read from a specific partition (#2612 )	2023-11-23 10:02:53 +01:00
kinesis	update dependency on go-cs-lib; drop the pkg/ part (#2393 )	2023-07-28 16:35:08 +02:00
kubernetesaudit	update dependency on go-cs-lib; drop the pkg/ part (#2393 )	2023-07-28 16:35:08 +02:00
loki	Loki integration #2 (#2306 )	2023-11-22 13:31:39 +01:00
s3	add object key in src for S3 acquis (#2342 )	2023-07-07 10:09:18 +02:00
syslog	properly update the cs_syslogsource_parsed_total metric (#2608 )	2023-11-22 09:04:23 +01:00
wineventlog	CI: use go 1.21.5 (#2640 )	2023-12-06 12:38:36 +01:00