support.go 12 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412
  1. package main
  2. import (
  3. "archive/zip"
  4. "bytes"
  5. "context"
  6. "fmt"
  7. "io"
  8. "net/http"
  9. "net/url"
  10. "os"
  11. "path/filepath"
  12. "regexp"
  13. "strings"
  14. "github.com/blackfireio/osinfo"
  15. "github.com/go-openapi/strfmt"
  16. log "github.com/sirupsen/logrus"
  17. "github.com/spf13/cobra"
  18. "github.com/crowdsecurity/go-cs-lib/version"
  19. "github.com/crowdsecurity/crowdsec/cmd/crowdsec-cli/require"
  20. "github.com/crowdsecurity/crowdsec/pkg/apiclient"
  21. "github.com/crowdsecurity/crowdsec/pkg/cwhub"
  22. "github.com/crowdsecurity/crowdsec/pkg/cwversion"
  23. "github.com/crowdsecurity/crowdsec/pkg/database"
  24. "github.com/crowdsecurity/crowdsec/pkg/fflag"
  25. "github.com/crowdsecurity/crowdsec/pkg/models"
  26. )
  27. const (
  28. SUPPORT_METRICS_HUMAN_PATH = "metrics/metrics.human"
  29. SUPPORT_METRICS_PROMETHEUS_PATH = "metrics/metrics.prometheus"
  30. SUPPORT_VERSION_PATH = "version.txt"
  31. SUPPORT_FEATURES_PATH = "features.txt"
  32. SUPPORT_OS_INFO_PATH = "osinfo.txt"
  33. SUPPORT_PARSERS_PATH = "hub/parsers.txt"
  34. SUPPORT_SCENARIOS_PATH = "hub/scenarios.txt"
  35. SUPPORT_COLLECTIONS_PATH = "hub/collections.txt"
  36. SUPPORT_POSTOVERFLOWS_PATH = "hub/postoverflows.txt"
  37. SUPPORT_BOUNCERS_PATH = "lapi/bouncers.txt"
  38. SUPPORT_AGENTS_PATH = "lapi/agents.txt"
  39. SUPPORT_CROWDSEC_CONFIG_PATH = "config/crowdsec.yaml"
  40. SUPPORT_LAPI_STATUS_PATH = "lapi_status.txt"
  41. SUPPORT_CAPI_STATUS_PATH = "capi_status.txt"
  42. SUPPORT_ACQUISITION_CONFIG_BASE_PATH = "config/acquis/"
  43. SUPPORT_CROWDSEC_PROFILE_PATH = "config/profiles.yaml"
  44. )
  45. // from https://github.com/acarl005/stripansi
  46. var reStripAnsi = regexp.MustCompile("[\u001B\u009B][[\\]()#;?]*(?:(?:(?:[a-zA-Z\\d]*(?:;[a-zA-Z\\d]*)*)?\u0007)|(?:(?:\\d{1,4}(?:;\\d{0,4})*)?[\\dA-PRZcf-ntqry=><~]))")
  47. func stripAnsiString(str string) string {
  48. // the byte version doesn't strip correctly
  49. return reStripAnsi.ReplaceAllString(str, "")
  50. }
  51. func collectMetrics() ([]byte, []byte, error) {
  52. log.Info("Collecting prometheus metrics")
  53. err := csConfig.LoadPrometheus()
  54. if err != nil {
  55. return nil, nil, err
  56. }
  57. if csConfig.Cscli.PrometheusUrl == "" {
  58. log.Warn("No Prometheus URL configured, metrics will not be collected")
  59. return nil, nil, fmt.Errorf("prometheus_uri is not set")
  60. }
  61. humanMetrics := bytes.NewBuffer(nil)
  62. err = FormatPrometheusMetrics(humanMetrics, csConfig.Cscli.PrometheusUrl+"/metrics", "human")
  63. if err != nil {
  64. return nil, nil, fmt.Errorf("could not fetch promtheus metrics: %s", err)
  65. }
  66. req, err := http.NewRequest(http.MethodGet, csConfig.Cscli.PrometheusUrl+"/metrics", nil)
  67. if err != nil {
  68. return nil, nil, fmt.Errorf("could not create requests to prometheus endpoint: %s", err)
  69. }
  70. client := &http.Client{}
  71. resp, err := client.Do(req)
  72. if err != nil {
  73. return nil, nil, fmt.Errorf("could not get metrics from prometheus endpoint: %s", err)
  74. }
  75. defer resp.Body.Close()
  76. body, err := io.ReadAll(resp.Body)
  77. if err != nil {
  78. return nil, nil, fmt.Errorf("could not read metrics from prometheus endpoint: %s", err)
  79. }
  80. return humanMetrics.Bytes(), body, nil
  81. }
  82. func collectVersion() []byte {
  83. log.Info("Collecting version")
  84. return []byte(cwversion.ShowStr())
  85. }
  86. func collectFeatures() []byte {
  87. log.Info("Collecting feature flags")
  88. enabledFeatures := fflag.Crowdsec.GetEnabledFeatures()
  89. w := bytes.NewBuffer(nil)
  90. for _, k := range enabledFeatures {
  91. fmt.Fprintf(w, "%s\n", k)
  92. }
  93. return w.Bytes()
  94. }
  95. func collectOSInfo() ([]byte, error) {
  96. log.Info("Collecting OS info")
  97. info, err := osinfo.GetOSInfo()
  98. if err != nil {
  99. return nil, err
  100. }
  101. w := bytes.NewBuffer(nil)
  102. w.WriteString(fmt.Sprintf("Architecture: %s\n", info.Architecture))
  103. w.WriteString(fmt.Sprintf("Family: %s\n", info.Family))
  104. w.WriteString(fmt.Sprintf("ID: %s\n", info.ID))
  105. w.WriteString(fmt.Sprintf("Name: %s\n", info.Name))
  106. w.WriteString(fmt.Sprintf("Codename: %s\n", info.Codename))
  107. w.WriteString(fmt.Sprintf("Version: %s\n", info.Version))
  108. w.WriteString(fmt.Sprintf("Build: %s\n", info.Build))
  109. return w.Bytes(), nil
  110. }
  111. func collectHubItems(itemType string) []byte {
  112. out := bytes.NewBuffer(nil)
  113. log.Infof("Collecting %s list", itemType)
  114. ListItems(out, []string{itemType}, []string{}, false, true, all)
  115. return out.Bytes()
  116. }
  117. func collectBouncers(dbClient *database.Client) ([]byte, error) {
  118. out := bytes.NewBuffer(nil)
  119. err := getBouncers(out, dbClient)
  120. if err != nil {
  121. return nil, err
  122. }
  123. return out.Bytes(), nil
  124. }
  125. func collectAgents(dbClient *database.Client) ([]byte, error) {
  126. out := bytes.NewBuffer(nil)
  127. err := getAgents(out, dbClient)
  128. if err != nil {
  129. return nil, err
  130. }
  131. return out.Bytes(), nil
  132. }
  133. func collectAPIStatus(login string, password string, endpoint string, prefix string) []byte {
  134. if csConfig.API.Client == nil || csConfig.API.Client.Credentials == nil {
  135. return []byte("No agent credentials found, are we LAPI ?")
  136. }
  137. pwd := strfmt.Password(password)
  138. apiurl, err := url.Parse(endpoint)
  139. if err != nil {
  140. return []byte(fmt.Sprintf("cannot parse API URL: %s", err))
  141. }
  142. scenarios, err := cwhub.GetInstalledItemsAsString(cwhub.SCENARIOS)
  143. if err != nil {
  144. return []byte(fmt.Sprintf("could not collect scenarios: %s", err))
  145. }
  146. Client, err = apiclient.NewDefaultClient(apiurl,
  147. prefix,
  148. fmt.Sprintf("crowdsec/%s", version.String()),
  149. nil)
  150. if err != nil {
  151. return []byte(fmt.Sprintf("could not init client: %s", err))
  152. }
  153. t := models.WatcherAuthRequest{
  154. MachineID: &login,
  155. Password: &pwd,
  156. Scenarios: scenarios,
  157. }
  158. _, _, err = Client.Auth.AuthenticateWatcher(context.Background(), t)
  159. if err != nil {
  160. return []byte(fmt.Sprintf("Could not authenticate to API: %s", err))
  161. } else {
  162. return []byte("Successfully authenticated to LAPI")
  163. }
  164. }
  165. func collectCrowdsecConfig() []byte {
  166. log.Info("Collecting crowdsec config")
  167. config, err := os.ReadFile(*csConfig.FilePath)
  168. if err != nil {
  169. return []byte(fmt.Sprintf("could not read config file: %s", err))
  170. }
  171. r := regexp.MustCompile(`(\s+password:|\s+user:|\s+host:)\s+.*`)
  172. return r.ReplaceAll(config, []byte("$1 ****REDACTED****"))
  173. }
  174. func collectCrowdsecProfile() []byte {
  175. log.Info("Collecting crowdsec profile")
  176. config, err := os.ReadFile(csConfig.API.Server.ProfilesPath)
  177. if err != nil {
  178. return []byte(fmt.Sprintf("could not read profile file: %s", err))
  179. }
  180. return config
  181. }
  182. func collectAcquisitionConfig() map[string][]byte {
  183. log.Info("Collecting acquisition config")
  184. ret := make(map[string][]byte)
  185. for _, filename := range csConfig.Crowdsec.AcquisitionFiles {
  186. fileContent, err := os.ReadFile(filename)
  187. if err != nil {
  188. ret[filename] = []byte(fmt.Sprintf("could not read file: %s", err))
  189. } else {
  190. ret[filename] = fileContent
  191. }
  192. }
  193. return ret
  194. }
  195. func NewSupportCmd() *cobra.Command {
  196. var cmdSupport = &cobra.Command{
  197. Use: "support [action]",
  198. Short: "Provide commands to help during support",
  199. Args: cobra.MinimumNArgs(1),
  200. DisableAutoGenTag: true,
  201. PersistentPreRunE: func(cmd *cobra.Command, args []string) error {
  202. return nil
  203. },
  204. }
  205. var outFile string
  206. cmdDump := &cobra.Command{
  207. Use: "dump",
  208. Short: "Dump all your configuration to a zip file for easier support",
  209. Long: `Dump the following informations:
  210. - Crowdsec version
  211. - OS version
  212. - Installed collections list
  213. - Installed parsers list
  214. - Installed scenarios list
  215. - Installed postoverflows list
  216. - Bouncers list
  217. - Machines list
  218. - CAPI status
  219. - LAPI status
  220. - Crowdsec config (sensitive information like username and password are redacted)
  221. - Crowdsec metrics`,
  222. Example: `cscli support dump
  223. cscli support dump -f /tmp/crowdsec-support.zip
  224. `,
  225. Args: cobra.NoArgs,
  226. DisableAutoGenTag: true,
  227. Run: func(cmd *cobra.Command, args []string) {
  228. var err error
  229. var skipHub, skipDB, skipCAPI, skipLAPI, skipAgent bool
  230. infos := map[string][]byte{
  231. SUPPORT_VERSION_PATH: collectVersion(),
  232. SUPPORT_FEATURES_PATH: collectFeatures(),
  233. }
  234. if outFile == "" {
  235. outFile = "/tmp/crowdsec-support.zip"
  236. }
  237. dbClient, err = database.NewClient(csConfig.DbConfig)
  238. if err != nil {
  239. log.Warnf("Could not connect to database: %s", err)
  240. skipDB = true
  241. infos[SUPPORT_BOUNCERS_PATH] = []byte(err.Error())
  242. infos[SUPPORT_AGENTS_PATH] = []byte(err.Error())
  243. }
  244. if err := csConfig.LoadAPIServer(); err != nil {
  245. log.Warnf("could not load LAPI, skipping CAPI check")
  246. skipLAPI = true
  247. infos[SUPPORT_CAPI_STATUS_PATH] = []byte(err.Error())
  248. }
  249. if err := csConfig.LoadCrowdsec(); err != nil {
  250. log.Warnf("could not load agent config, skipping crowdsec config check")
  251. skipAgent = true
  252. }
  253. if err := require.Hub(csConfig); err != nil {
  254. log.Warn("Could not init hub, running on LAPI ? Hub related information will not be collected")
  255. skipHub = true
  256. infos[SUPPORT_PARSERS_PATH] = []byte(err.Error())
  257. infos[SUPPORT_SCENARIOS_PATH] = []byte(err.Error())
  258. infos[SUPPORT_POSTOVERFLOWS_PATH] = []byte(err.Error())
  259. infos[SUPPORT_COLLECTIONS_PATH] = []byte(err.Error())
  260. }
  261. if csConfig.API.Client == nil || csConfig.API.Client.Credentials == nil {
  262. log.Warn("no agent credentials found, skipping LAPI connectivity check")
  263. if _, ok := infos[SUPPORT_LAPI_STATUS_PATH]; ok {
  264. infos[SUPPORT_LAPI_STATUS_PATH] = append(infos[SUPPORT_LAPI_STATUS_PATH], []byte("\nNo LAPI credentials found")...)
  265. }
  266. skipLAPI = true
  267. }
  268. if csConfig.API.Server == nil || csConfig.API.Server.OnlineClient == nil || csConfig.API.Server.OnlineClient.Credentials == nil {
  269. log.Warn("no CAPI credentials found, skipping CAPI connectivity check")
  270. skipCAPI = true
  271. }
  272. infos[SUPPORT_METRICS_HUMAN_PATH], infos[SUPPORT_METRICS_PROMETHEUS_PATH], err = collectMetrics()
  273. if err != nil {
  274. log.Warnf("could not collect prometheus metrics information: %s", err)
  275. infos[SUPPORT_METRICS_HUMAN_PATH] = []byte(err.Error())
  276. infos[SUPPORT_METRICS_PROMETHEUS_PATH] = []byte(err.Error())
  277. }
  278. infos[SUPPORT_OS_INFO_PATH], err = collectOSInfo()
  279. if err != nil {
  280. log.Warnf("could not collect OS information: %s", err)
  281. infos[SUPPORT_OS_INFO_PATH] = []byte(err.Error())
  282. }
  283. infos[SUPPORT_CROWDSEC_CONFIG_PATH] = collectCrowdsecConfig()
  284. if !skipHub {
  285. infos[SUPPORT_PARSERS_PATH] = collectHubItems(cwhub.PARSERS)
  286. infos[SUPPORT_SCENARIOS_PATH] = collectHubItems(cwhub.SCENARIOS)
  287. infos[SUPPORT_POSTOVERFLOWS_PATH] = collectHubItems(cwhub.PARSERS_OVFLW)
  288. infos[SUPPORT_COLLECTIONS_PATH] = collectHubItems(cwhub.COLLECTIONS)
  289. }
  290. if !skipDB {
  291. infos[SUPPORT_BOUNCERS_PATH], err = collectBouncers(dbClient)
  292. if err != nil {
  293. log.Warnf("could not collect bouncers information: %s", err)
  294. infos[SUPPORT_BOUNCERS_PATH] = []byte(err.Error())
  295. }
  296. infos[SUPPORT_AGENTS_PATH], err = collectAgents(dbClient)
  297. if err != nil {
  298. log.Warnf("could not collect agents information: %s", err)
  299. infos[SUPPORT_AGENTS_PATH] = []byte(err.Error())
  300. }
  301. }
  302. if !skipCAPI {
  303. log.Info("Collecting CAPI status")
  304. infos[SUPPORT_CAPI_STATUS_PATH] = collectAPIStatus(csConfig.API.Server.OnlineClient.Credentials.Login,
  305. csConfig.API.Server.OnlineClient.Credentials.Password,
  306. csConfig.API.Server.OnlineClient.Credentials.URL,
  307. CAPIURLPrefix)
  308. }
  309. if !skipLAPI {
  310. log.Info("Collection LAPI status")
  311. infos[SUPPORT_LAPI_STATUS_PATH] = collectAPIStatus(csConfig.API.Client.Credentials.Login,
  312. csConfig.API.Client.Credentials.Password,
  313. csConfig.API.Client.Credentials.URL,
  314. LAPIURLPrefix)
  315. infos[SUPPORT_CROWDSEC_PROFILE_PATH] = collectCrowdsecProfile()
  316. }
  317. if !skipAgent {
  318. acquis := collectAcquisitionConfig()
  319. for filename, content := range acquis {
  320. fname := strings.ReplaceAll(filename, string(filepath.Separator), "___")
  321. infos[SUPPORT_ACQUISITION_CONFIG_BASE_PATH+fname] = content
  322. }
  323. }
  324. w := bytes.NewBuffer(nil)
  325. zipWriter := zip.NewWriter(w)
  326. for filename, data := range infos {
  327. fw, err := zipWriter.Create(filename)
  328. if err != nil {
  329. log.Errorf("Could not add zip entry for %s: %s", filename, err)
  330. continue
  331. }
  332. fw.Write([]byte(stripAnsiString(string(data))))
  333. }
  334. err = zipWriter.Close()
  335. if err != nil {
  336. log.Fatalf("could not finalize zip file: %s", err)
  337. }
  338. err = os.WriteFile(outFile, w.Bytes(), 0600)
  339. if err != nil {
  340. log.Fatalf("could not write zip file to %s: %s", outFile, err)
  341. }
  342. log.Infof("Written zip file to %s", outFile)
  343. },
  344. }
  345. cmdDump.Flags().StringVarP(&outFile, "outFile", "f", "", "File to dump the information to")
  346. cmdSupport.AddCommand(cmdDump)
  347. return cmdSupport
  348. }