beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1263 commits 83 branches 177 tags 151 MiB
Commit graph

1263 commits

This branch
This branch
All branches
Author SHA1 Message Date
Sebastien Blot
d0aba7dd9a
load grok patterns concurrently to speed up start process with re2 2023-05-15 09:30:45 +02:00
blotus
8aca0ea860
update default windows acquisition configuration (#2195) 2023-05-12 13:47:01 +02:00
dependabot[bot]
abbc130844
Bump github.com/docker/distribution (#2194) 
Bumps [github.com/docker/distribution](https://github.com/docker/distribution) from 2.8.0+incompatible to 2.8.2+incompatible.
- [Release notes](https://github.com/docker/distribution/releases)
- [Commits](https://github.com/docker/distribution/compare/v2.8.0...v2.8.2)

---
updated-dependencies:
- dependency-name: github.com/docker/distribution
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-12 09:45:08 +02:00
Laurence Jones
424215f228
Add ParseKV helper and rework UnmarshalJSON as a proper helper (#2184) 2023-05-12 09:43:01 +02:00
mmetc
e1f5ed41df
Implement "cscli config show-yaml" (#2191) 2023-05-11 21:01:13 +02:00
Thibault "bui" Koechlin
5ac33aab03
allow batching when importing decisions (#2192) 2023-05-11 14:33:18 +02:00
blotus
4ae41a363d
add Hostname helper in expr and templating (#2193) 2023-05-11 14:25:04 +02:00
blotus
71b7a594bd
add indexes on the FK between alerts and {decisions,metas,events} (#2188) 2023-05-11 13:49:01 +02:00
blotus
2701454f23
defaults to inotify to detect changes in file datasource to avoid too many call to stat() (#2181) 2023-05-09 10:03:55 +02:00
blotus
e1f4a71357
readd KeyExists expr helper (#2180) 2023-05-04 16:55:34 +02:00
blotus
a753ea6981
Add B64decode expr helper (#2183) 2023-05-04 14:15:20 +02:00
Thibault "bui" Koechlin
8f71edaadd
do not error on this filter (#2182) 2023-05-04 13:06:15 +02:00
Thibault "bui" Koechlin
4ff8f498ce
add a LogInfo expr helper (#2179) 2023-05-03 10:07:11 +02:00
AlteredCoder
6bb20fa951
fix issue #2172 (#2177) 2023-04-28 16:32:46 +02:00
dependabot[bot]
88587822c1
Bump github.com/docker/docker (#2159) 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 20.10.2+incompatible to 20.10.24+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v20.10.2...v20.10.24)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
 2023-04-28 12:02:29 +02:00
AlteredCoder
c0e6c1ac78
Fix chooseHubBranch when latest() doesn't work (#2178) 
* Fix chooseHubBranch when latest() doesn't works
 2023-04-28 11:24:04 +02:00
mmetc
d286b044e7
Update go-sqlite3 dependency (fix LD_PRELOAD warnings) (#2174) 2023-04-19 12:05:24 +02:00
mmetc
0d1adfc7db
wizard: auto-detect ssh.service correctly on deb distros when auth.log is missing (fix #2175) (#2176) 2023-04-19 11:09:39 +02:00
Thibault "bui" Koechlin
3041023ed8
add an optional flag to disable the fetch (#2169) 2023-04-14 11:39:16 +02:00
Thibault "bui" Koechlin
66dfded0cf
significantly increase the max number of scenarios to be sent (#2170) 2023-04-14 11:39:07 +02:00
mmetc
6b744884b0
Update deps to latest stable: go-systemd, tail, cobra, lumberjack, testify (#2164) 2023-04-12 16:58:11 +02:00
mmetc
774a8cfc00
CI: use Go 1.20.3 (#2163) 2023-04-12 16:57:52 +02:00
mmetc
0c5d233563
Minor cleanup and dead code removal (#2166) 2023-04-12 16:57:38 +02:00
Laurence Jones
9a5a937695
Make it more obvious that parser succeeded but was whitelisted (#2167) 
* Make it more obvious that parser succeeded but was whitelisted

* Add more verbose by placing whitelist reason next to why it is ignored
 2023-04-12 10:48:42 +01:00
Thibault "bui" Koechlin
7fa469d0b0
timeout of ci jobs (#2160) 2023-04-05 15:15:33 +02:00
blotus
1e018bdaf8
Wait for both api and agent chans if necessary when daemonize is false or running on windows (#2155) 2023-04-04 15:16:48 +02:00
blotus
0279e549bd
check if the acquis tomb is dying while processing logs in replay mode for file/s3/docker (#2152) 2023-04-04 13:57:06 +02:00
mmetc
3132aa54b7
Properly load k8s audit configuration (#2158) 2023-04-03 21:55:31 +02:00
mmetc
38ab6be7c2
Allow feature.yml to change available subcommands (#2156) 2023-04-03 10:11:56 +02:00
mmetc
3fa555fb25
Rename k8s_audit to k8s-audit (easier to type, consistent with labels) (#2153) 2023-04-03 09:53:38 +02:00
mmetc
ea6401ce09
CI: Static builds by default; replace bincover with go -cover from 1.20 (#2150) 
* Makefile: build static binaries only
* Replace bincover with go -cover from 1.20
* CI: Fix timing issue between lapi and agent containers
 2023-03-30 15:05:09 +02:00
blotus
61bea26486
Add transform configuration option for acquisition (#2144) 2023-03-29 16:04:17 +02:00
blotus
772d5b5c32
Add experimental support for re2 (#2138) 2023-03-28 16:26:47 +02:00
blotus
1095f6c875
use expr.Function for custom functions instead of passing them in the env (#2133) 2023-03-28 10:49:01 +02:00
Thibault "bui" Koechlin
169b844212
fix awkward stacktrace in conditional filter (#2145) 2023-03-27 16:01:42 +02:00
mmetc
f39fbf07fa
Docker: don't re-register local agent if not needed (#2141) 2023-03-27 15:38:38 +02:00
mmetc
d769fff1e8
File acquisition: log "file reopen" events instead of writing to stderr (#2139) 2023-03-24 11:24:36 +01:00
mmetc
68d4bdc1bd
Docker: correct behavior of AGENTS_ALLOWED_OU, BOUNCERS_ALLOWED_OU (#2140) 2023-03-24 11:23:04 +01:00
mmetc
bbfb7d1cfa
Allow running func tests while running containers with crowdsec (#2137) 
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
 2023-03-24 10:19:22 +01:00
mmetc
3884c5f47d
Unit tests: remove leftover files (#2134) 2023-03-22 13:51:37 +01:00
mmetc
80de87ac34
Report docker systems in version and user agents (#2136) 2023-03-22 11:57:29 +01:00
Thibault "bui" Koechlin
a3e5f0a3a0
fix dateparse (#2135) 2023-03-22 08:20:21 +01:00
blotus
91eb39cff6
New PAPI commands: reauth + force_pull (#2129) 2023-03-21 14:06:19 +01:00
blotus
dc38e5ac00
S3 acquisition datasource (#2130) 2023-03-21 13:54:52 +01:00
Thibault "bui" Koechlin
a74e424d53
support ip and cidr based whitelists for capi and 3rd party blocklists (#2132) 
* support ip and cidr based whitelists for capi and 3rd party blocklist
 2023-03-21 11:50:10 +01:00
Thibault "bui" Koechlin
d87f088b8f
match expr helper (#2126) 
* match expr helper
 2023-03-21 10:39:17 +01:00
mmetc
86971da274
CI: avoid conflict with pkg/build cache in golangci-lint action (#2123) 2023-03-20 10:41:08 +01:00
Thibault "bui" Koechlin
618be9ff68
properly update the time structure within event (#2122) 
* properly update the time structure within event to ensure it works in time-machine

* move LIVE and TIMEMACHINE to pkg/types : less code needs to import leakybucket package, and we avoid duplicating constants
 2023-03-16 16:25:50 +01:00
blotus
c77fe16943
actually fix expr-debugger to work with the new version (#2124) 2023-03-16 15:20:48 +01:00
blotus
94c7efdb5b
add ToString() helper (#2100) 2023-03-16 15:20:31 +01:00