瀏覽代碼

Merge branch 'crowdsecurity:master' into master

Manuel Sabban 3 年之前
父節點
當前提交
25a8ab6163
共有 5 個文件被更改,包括 23 次插入2 次删除
  1. 2 0
      .gitignore
  2. 5 0
      cmd/crowdsec-cli/decisions.go
  3. 1 1
      cmd/crowdsec/Makefile
  4. 14 0
      debian/README.md
  5. 1 1
      pkg/database/decisions.go

+ 2 - 0
.gitignore

@@ -4,6 +4,8 @@
 *.dll
 *.so
 *.dylib
+*~
+.pc
 
 # Test binary, built with `go test -c`
 *.test

+ 5 - 0
cmd/crowdsec-cli/decisions.go

@@ -34,6 +34,7 @@ var (
 func DecisionsToTable(alerts *models.GetAlertsResponse) error {
 	/*here we cheat a bit : to make it more readable for the user, we dedup some entries*/
 	var spamLimit map[string]bool = make(map[string]bool)
+	var skipped = 0
 
 	/*process in reverse order to keep the latest item only*/
 	for aIdx := len(*alerts) - 1; aIdx >= 0; aIdx-- {
@@ -42,6 +43,7 @@ func DecisionsToTable(alerts *models.GetAlertsResponse) error {
 		for _, decisionItem := range alertItem.Decisions {
 			spamKey := fmt.Sprintf("%t:%s:%s:%s", *decisionItem.Simulated, *decisionItem.Type, *decisionItem.Scope, *decisionItem.Value)
 			if _, ok := spamLimit[spamKey]; ok {
+				skipped++
 				continue
 			}
 			spamLimit[spamKey] = true
@@ -100,6 +102,9 @@ func DecisionsToTable(alerts *models.GetAlertsResponse) error {
 			}
 		}
 		table.Render() // Send output
+		if skipped > 0 {
+			fmt.Printf("%d duplicated entries skipped\n", skipped)
+		}
 	}
 	return nil
 }

+ 1 - 1
cmd/crowdsec/Makefile

@@ -23,7 +23,7 @@ static: clean
 	$(GOBUILD) $(LD_OPTS_STATIC) -o $(CROWDSEC_BIN) -v -a -tags netgo
 
 test:
-	$(GOTEST) -v ./...
+	$(GOTEST) $(LD_OPTS) -v ./...
 
 clean:
 	rm -f $(CROWDSEC_BIN)

+ 14 - 0
debian/README.md

@@ -0,0 +1,14 @@
+
+# Building Debian/Ubuntu packages
+
+It is not recommended to build your own packages for production environments.
+
+However, if you want to experiment and contribute:
+
+* Update the changelog (at least give it a correct version number)
+* Run "QUILT_PATCHES=debian/patches quilt push -a && quilt refresh"
+
+We do the above in the build pipeline, so you'll have to do it manually before running:
+
+* dpkg-buildpackage -uc -us -b
+

+ 1 - 1
pkg/database/decisions.go

@@ -222,7 +222,7 @@ func (c *Client) QueryExpiredDecisionsSinceWithFilters(since time.Time, filters
 }
 
 func (c *Client) QueryNewDecisionsSinceWithFilters(since time.Time, filters map[string][]string) ([]*ent.Decision, error) {
-	query := c.Ent.Decision.Query().Where(decision.CreatedAtGT(since))
+	query := c.Ent.Decision.Query().Where(decision.CreatedAtGT(since)).Where(decision.UntilGT(time.Now()))
 	query, err := BuildDecisionRequestWithFilter(query, filters)
 	if err != nil {
 		c.Log.Warningf("QueryNewDecisionsSinceWithFilters : %s", err)