up
This commit is contained in:
bui
parent
4bc206d9cb
commit
013699c480
3 changed files with 45 additions and 35 deletions
2
go.mod
2
go.mod
|
|
@ -56,7 +56,7 @@ require (
|
||||||
github.com/sirupsen/logrus v1.7.0
|
github.com/sirupsen/logrus v1.7.0
|
||||||
github.com/spf13/cobra v1.1.3
|
github.com/spf13/cobra v1.1.3
|
||||||
github.com/stretchr/testify v1.7.0
|
github.com/stretchr/testify v1.7.0
|
||||||
github.com/ugorji/go/codec v1.2.3 // indirect
|
github.com/ugorji/go v1.2.3 // indirect
|
||||||
github.com/vjeantet/grok v1.0.1 // indirect
|
github.com/vjeantet/grok v1.0.1 // indirect
|
||||||
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
|
golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad
|
||||||
golang.org/x/mod v0.4.1
|
golang.org/x/mod v0.4.1
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,7 @@ import (
|
||||||
"os"
|
"os"
|
||||||
|
|
||||||
"github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration"
|
"github.com/crowdsecurity/crowdsec/pkg/acquisition/configuration"
|
||||||
|
file_acquisition "github.com/crowdsecurity/crowdsec/pkg/acquisition/modules/file"
|
||||||
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
|
"github.com/crowdsecurity/crowdsec/pkg/csconfig"
|
||||||
"github.com/crowdsecurity/crowdsec/pkg/types"
|
"github.com/crowdsecurity/crowdsec/pkg/types"
|
||||||
"github.com/pkg/errors"
|
"github.com/pkg/errors"
|
||||||
|
|
@ -62,39 +63,39 @@ cat mode will return once source has been exhausted.
|
||||||
type DataSource interface {
|
type DataSource interface {
|
||||||
GetMetrics() []interface{} // Returns pointers to metrics that are managed by the module
|
GetMetrics() []interface{} // Returns pointers to metrics that are managed by the module
|
||||||
Configure([]byte, *log.Entry) error // Configure the datasource
|
Configure([]byte, *log.Entry) error // Configure the datasource
|
||||||
Mode() string // Get the mode (TAIL, CAT or SERVER)
|
GetMode() string // Get the mode (TAIL, CAT or SERVER)
|
||||||
SupportedModes() []string // Returns the mode supported by the datasource
|
SupportedModes() []string // Returns the mode supported by the datasource
|
||||||
OneShotAcquisition(chan types.Event, *tomb.Tomb) error // Start one shot acquisition(eg, cat a file)
|
OneShotAcquisition(chan types.Event, *tomb.Tomb) error // Start one shot acquisition(eg, cat a file)
|
||||||
LiveAcquisition(chan types.Event, *tomb.Tomb) error // Start live acquisition (eg, tail a file)
|
LiveAcquisition(chan types.Event, *tomb.Tomb) error // Start live acquisition (eg, tail a file)
|
||||||
CanRun() bool // Whether the datasource can run or not (eg, journalctl on BSD is a non-sense)
|
CanRun() bool // Whether the datasource can run or not (eg, journalctl on BSD is a non-sense)
|
||||||
}
|
}
|
||||||
|
|
||||||
type FileDataSource struct {
|
// type FileDataSource struct {
|
||||||
}
|
// }
|
||||||
|
|
||||||
func (f *FileDataSource) GetMetrics() []interface{} {
|
// func (f *FileDataSource) GetMetrics() []interface{} {
|
||||||
return nil
|
// return nil
|
||||||
}
|
// }
|
||||||
func (f *FileDataSource) Configure([]byte, *log.Entry) error {
|
// func (f *FileDataSource) Configure([]byte, *log.Entry) error {
|
||||||
return nil
|
// return nil
|
||||||
}
|
// }
|
||||||
func (f *FileDataSource) Mode() string {
|
// func (f *FileDataSource) Mode() string {
|
||||||
return ""
|
// return ""
|
||||||
}
|
// }
|
||||||
func (f *FileDataSource) SupportedModes() []string {
|
// func (f *FileDataSource) SupportedModes() []string {
|
||||||
return nil
|
// return nil
|
||||||
}
|
// }
|
||||||
func (f *FileDataSource) OneShotAcquisition(chan types.Event, *tomb.Tomb) error {
|
// func (f *FileDataSource) OneShotAcquisition(chan types.Event, *tomb.Tomb) error {
|
||||||
return nil
|
// return nil
|
||||||
}
|
// }
|
||||||
|
|
||||||
func (f *FileDataSource) LiveAcquisition(chan types.Event, *tomb.Tomb) error {
|
// func (f *FileDataSource) LiveAcquisition(chan types.Event, *tomb.Tomb) error {
|
||||||
return nil
|
// return nil
|
||||||
}
|
// }
|
||||||
|
|
||||||
func (f *FileDataSource) CanRun() bool {
|
// func (f *FileDataSource) CanRun() bool {
|
||||||
return true
|
// return true
|
||||||
}
|
// }
|
||||||
|
|
||||||
var AcquisitionSources = []struct {
|
var AcquisitionSources = []struct {
|
||||||
name string
|
name string
|
||||||
|
|
@ -102,7 +103,7 @@ var AcquisitionSources = []struct {
|
||||||
}{
|
}{
|
||||||
{
|
{
|
||||||
name: "file",
|
name: "file",
|
||||||
iface: &FileDataSource{},
|
iface: &file_acquisition.FileSource{},
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -181,7 +182,7 @@ func StartAcquisition(sources []DataSource, output chan types.Event, AcquisTomb
|
||||||
AcquisTomb.Go(func() error {
|
AcquisTomb.Go(func() error {
|
||||||
defer types.CatchPanic("crowdsec/acquis")
|
defer types.CatchPanic("crowdsec/acquis")
|
||||||
var err error
|
var err error
|
||||||
if subsrc.Mode() == configuration.TAIL_MODE {
|
if subsrc.GetMode() == configuration.TAIL_MODE {
|
||||||
err = subsrc.LiveAcquisition(output, AcquisTomb)
|
err = subsrc.LiveAcquisition(output, AcquisTomb)
|
||||||
} else {
|
} else {
|
||||||
err = subsrc.OneShotAcquisition(output, AcquisTomb)
|
err = subsrc.OneShotAcquisition(output, AcquisTomb)
|
||||||
|
|
|
||||||
|
|
@ -22,19 +22,20 @@ type FileConfiguration struct {
|
||||||
}
|
}
|
||||||
|
|
||||||
type FileSource struct {
|
type FileSource struct {
|
||||||
CommonConfig configuration.DataSourceCommonCfg
|
configuration.DataSourceCommonCfg
|
||||||
FileConfig FileConfiguration
|
FileConfig FileConfiguration
|
||||||
tails []*tail.Tail
|
Mode string
|
||||||
Files []string
|
tails []*tail.Tail
|
||||||
|
Files []string
|
||||||
}
|
}
|
||||||
|
|
||||||
func (f *FileSource) Configure(Config []byte) error {
|
func (f *FileSource) Configure(Config []byte, logger *log.Entry) error {
|
||||||
log.Warn("Configuring FileSource")
|
log.Warn("Configuring FileSource")
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (f *FileSource) Mode() string {
|
func (f *FileSource) GetMode() string {
|
||||||
return f.CommonConfig.Mode
|
return f.Mode
|
||||||
}
|
}
|
||||||
|
|
||||||
func (f *FileSource) SupportedModes() []string {
|
func (f *FileSource) SupportedModes() []string {
|
||||||
|
|
@ -52,6 +53,14 @@ func (f *FileSource) OneShotAcquisition(out chan types.Event, t *tomb.Tomb) erro
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (f *FileSource) GetMetrics() []interface{} {
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (f *FileSource) CanRun() bool {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
func (f *FileSource) LiveAcquisition(out chan types.Event, t *tomb.Tomb) error {
|
func (f *FileSource) LiveAcquisition(out chan types.Event, t *tomb.Tomb) error {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
@ -93,7 +102,7 @@ func (f *FileSource) readFile(filename string, out chan types.Event, t *tomb.Tom
|
||||||
l.Raw = scanner.Text()
|
l.Raw = scanner.Text()
|
||||||
l.Time = time.Now()
|
l.Time = time.Now()
|
||||||
l.Src = filename
|
l.Src = filename
|
||||||
l.Labels = f.CommonConfig.Labels
|
l.Labels = f.Labels
|
||||||
l.Process = true
|
l.Process = true
|
||||||
// FIXME: How to interact with prom metrics ?
|
// FIXME: How to interact with prom metrics ?
|
||||||
//ReaderHits.With(prometheus.Labels{"source": filename}).Inc()
|
//ReaderHits.With(prometheus.Labels{"source": filename}).Inc()
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue