Merge branch 'crowdsecurity:master' into master
This commit is contained in:
Manuel Sabban
GitHub
commit
25a8ab6163
5 changed files with 23 additions and 2 deletions
2
.gitignore
vendored
2
.gitignore
vendored
|
|
@ -4,6 +4,8 @@
|
|||
*.dll
|
||||
*.so
|
||||
*.dylib
|
||||
*~
|
||||
.pc
|
||||
|
||||
# Test binary, built with `go test -c`
|
||||
*.test
|
||||
|
|
|
|||
|
|
@ -34,6 +34,7 @@ var (
|
|||
func DecisionsToTable(alerts *models.GetAlertsResponse) error {
|
||||
/*here we cheat a bit : to make it more readable for the user, we dedup some entries*/
|
||||
var spamLimit map[string]bool = make(map[string]bool)
|
||||
var skipped = 0
|
||||
|
||||
/*process in reverse order to keep the latest item only*/
|
||||
for aIdx := len(*alerts) - 1; aIdx >= 0; aIdx-- {
|
||||
|
|
@ -42,6 +43,7 @@ func DecisionsToTable(alerts *models.GetAlertsResponse) error {
|
|||
for _, decisionItem := range alertItem.Decisions {
|
||||
spamKey := fmt.Sprintf("%t:%s:%s:%s", *decisionItem.Simulated, *decisionItem.Type, *decisionItem.Scope, *decisionItem.Value)
|
||||
if _, ok := spamLimit[spamKey]; ok {
|
||||
skipped++
|
||||
continue
|
||||
}
|
||||
spamLimit[spamKey] = true
|
||||
|
|
@ -100,6 +102,9 @@ func DecisionsToTable(alerts *models.GetAlertsResponse) error {
|
|||
}
|
||||
}
|
||||
table.Render() // Send output
|
||||
if skipped > 0 {
|
||||
fmt.Printf("%d duplicated entries skipped\n", skipped)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,7 +23,7 @@ static: clean
|
|||
$(GOBUILD) $(LD_OPTS_STATIC) -o $(CROWDSEC_BIN) -v -a -tags netgo
|
||||
|
||||
test:
|
||||
$(GOTEST) -v ./...
|
||||
$(GOTEST) $(LD_OPTS) -v ./...
|
||||
|
||||
clean:
|
||||
rm -f $(CROWDSEC_BIN)
|
||||
|
|
|
|||
14
debian/README.md
vendored
Normal file
14
debian/README.md
vendored
Normal file
|
|
@ -0,0 +1,14 @@
|
|||
|
||||
# Building Debian/Ubuntu packages
|
||||
|
||||
It is not recommended to build your own packages for production environments.
|
||||
|
||||
However, if you want to experiment and contribute:
|
||||
|
||||
* Update the changelog (at least give it a correct version number)
|
||||
* Run "QUILT_PATCHES=debian/patches quilt push -a && quilt refresh"
|
||||
|
||||
We do the above in the build pipeline, so you'll have to do it manually before running:
|
||||
|
||||
* dpkg-buildpackage -uc -us -b
|
||||
|
||||
|
|
@ -222,7 +222,7 @@ func (c *Client) QueryExpiredDecisionsSinceWithFilters(since time.Time, filters
|
|||
}
|
||||
|
||||
func (c *Client) QueryNewDecisionsSinceWithFilters(since time.Time, filters map[string][]string) ([]*ent.Decision, error) {
|
||||
query := c.Ent.Decision.Query().Where(decision.CreatedAtGT(since))
|
||||
query := c.Ent.Decision.Query().Where(decision.CreatedAtGT(since)).Where(decision.UntilGT(time.Now()))
|
||||
query, err := BuildDecisionRequestWithFilter(query, filters)
|
||||
if err != nil {
|
||||
c.Log.Warningf("QueryNewDecisionsSinceWithFilters : %s", err)
|
||||
|
|
|
|||
Loading…
Add table
Reference in a new issue