mmetc
1d9f861f28
unit tests: always capture testcase variable -> allow parallel testing ( #1797 )
2022-10-10 10:48:26 +02:00
Manuel Sabban
1f06f242cc
fix https://github.com/crowdsecurity/crowdsec/issues/1746 ( #1749 )
...
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2022-09-14 15:26:26 +02:00
mmetc
414282a2c9
golangci-lint 1.49 and related fixes ( #1736 )
2022-09-06 13:55:03 +02:00
Thibault "bui" Koechlin
866c200c31
Generic dateparse approach ( #1669 )
...
* Allow any parser to suggest a format string for the date to be parsed.
* allow the enricher functions to get the parser's logger so they can inherit the level
2022-07-28 16:41:41 +02:00
AlteredCoder
39da36361c
Get geoip Country from other objects if not present ( #1659 )
2022-07-12 15:26:34 +02:00
AlteredCoder
5f62d738fc
Add no-capi flag and review some logs ( #1628 )
...
* Add no-capi flag and review some logs
2022-07-01 16:56:13 +02:00
AlteredCoder
a4f4eabf0a
support yml file ( #1605 )
2022-06-22 17:01:27 +02:00
mmetc
628d7be1d8
simplify err.Error() to err when used in printf context ( #1603 )
2022-06-22 15:53:53 +02:00
he2ss
3d6f015211
Add duration expr to add duration formula ( #1556 )
...
* add duration expr to add duration formula
2022-06-22 11:29:52 +02:00
mmetc
d71279f023
added flag crowdsec --warning ( #1461 )
2022-06-22 09:38:23 +02:00
mmetc
10585bfecc
enabled linters and fixes for: misspell, predeclared, unconvert, ineffassign, gosimple, govet ( #1595 )
2022-06-16 14:41:54 +02:00
blotus
4b311684ab
Add more JSON expr helpers ( #1576 )
2022-06-08 12:15:29 +02:00
mmetc
799cc82bb5
functional tests, minor refactoring and lint/cleanup ( #1570 )
...
* cmd/crowdsec: removed log.Fatal()s, added tests and print error for unrecognized argument
* updated golangci-lint to v1.46
* lint/deadcode: fix existing issues
* tests: cscli config backup/restore
* tests: cscli completion powershell/fish
* err check: pflags MarkHidden()
* empty .dockerignore (and explain the reason)
* tests, errors.Wrap
* test for CS_LAPI_SECRET and minor refactoring
* minor style changes
* log cleanup
2022-06-06 15:24:48 +02:00
Thibault "bui" Koechlin
0483b9c641
do not spew.Sdump() the invalid node on error. It leads to huge memory usage, especially if the parsers refers ie. datafile ( #1550 )
2022-05-20 13:29:47 +02:00
AlteredCoder
1e1741aa45
Allow to set static to a pointer and add IsIPV6 helper ( #1540 )
...
* Allow to set static to a pointer and add IsIPV6 helper
2022-05-19 16:28:25 +02:00
Cristian Nitescu
a49b023a28
GetExprEnv usage optimization ( #1515 )
...
* avoid multiples calls to GetExprEnv
* cache ExprEnv in node process
* use global expression env
* remove block profile rate
2022-05-17 10:50:37 +02:00
Greg Myers
0f4ab71f01
Fix typos in docs, comments, code ( #1483 )
2022-04-27 11:04:12 +02:00
mmetc
4b9a0c4ef7
typos ( #1453 )
2022-04-19 11:25:27 +02:00
Thibault "bui" Koechlin
a74a41dac5
fix #1357 ( #1358 )
2022-03-16 09:40:00 +01:00
mmetc
7c0593c659
noop code removal, typos and lint fixes ( #1329 )
2022-03-09 16:15:18 +01:00
Thibault "bui" Koechlin
dd53d19777
Make whitelist by expr debug level ( #1236 )
...
* fix #616 : simply make it at debug level, so that the user can set his node to debug level if he really wants to see this. Otherwise it can be too spammy
2022-02-03 17:04:18 +01:00
Thibault "bui" Koechlin
cc1ab8c50d
switch to utc time everywhere ( #1167 )
...
* switch to utc time everywhere
Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-19 14:56:05 +01:00
mmetc
7dee103b6e
typos of various nature ( #1072 )
2021-12-06 17:29:23 +01:00
Thibault "bui" Koechlin
3c768490ba
fix #873 without breaking backward ( #1052 )
2021-11-15 14:16:18 +01:00
Thibault "bui" Koechlin
af4bb350c0
hubtests revamp + cscli explain ( #988 )
...
* New hubtest CI for scenarios/parsers from the hub
* New `cscli explain` command to visualize parsers/scenarios pipeline
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Cristian Nitescu <cristian@crowdsec.net>
2021-10-04 17:14:52 +02:00
Thibault "bui" Koechlin
c2fd173d1e
fix node success logic ( #993 )
...
* fix node success logic : only fail node on child failure if mother node has no successfull grok
2021-09-28 17:58:07 +02:00
AlteredCoder
5ae69aa293
fix stacktrace when mmdb file are not present ( #935 )
...
* fix stacktrace when mmdb file are not present
2021-09-09 16:27:30 +02:00
blotus
7a1b955ad1
use our fork of grokky ( #953 )
2021-09-09 14:46:16 +02:00
ThinkChaos
448a227079
Minor changes to specific logs ( #900 )
...
- Minor changes to specific logs
- Fix LAPI to not push signals to CAPI when disabled #907
2021-08-25 18:30:05 +02:00
Manuel Sabban
4dbbd4b3c4
Download datafile ( #895 )
...
* add the ability to download datafile on cscli hub upgrade on files are missing
* fix stuff + lint
* fix error management
Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2021-08-19 09:08:20 +02:00
Thibault "bui" Koechlin
25ed1c265d
fix #885 : remove dead dependencies for plugin ( #891 )
2021-08-17 10:32:15 +02:00
Thibault "bui" Koechlin
7f0cac8ee6
add support for 'expression' ( fix #822 ) in grok patterns ( #830 )
...
* add support for 'expression' (fix #822 ) in grok patterns
* add tests
2021-06-21 09:07:33 +02:00
Thibault "bui" Koechlin
ce6a61df1c
Refactor Acquisition Interface ( #773 )
...
* Add new acquisition interface + new modules (cloudwatch, syslog)
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2021-06-11 09:53:53 +02:00
registergoofy
7e9ce901a4
add TimeNow in the exprlib helpers ( #756 )
...
* add TimeNow in the exprlib helpers
* add a default date when none is detected: when no date is recognised by ParseDate, then use time.Now()
2021-04-16 19:13:48 +02:00
AlteredCoder
1e899c2211
Refactor configuration management ( #698 )
2021-03-24 18:16:17 +01:00
AlteredCoder
4166d9ff48
fix pattern registration ( #715 )
2021-03-22 17:17:24 +01:00
Thibault "bui" Koechlin
1938e1a62d
clarify doc on onsuccess in parsers + add new date formats for dateparse ( #703 )
2021-03-19 16:33:10 +01:00
Thibault "bui" Koechlin
0981aa98d8
Pattern syntax consistence ( #675 )
...
* fix #667
* improved error message
* mark the compability, ordered pattern_syntax will be tagged as 'version 2'
* fix tests + add tests to check grok subpattern dependencies
2021-03-10 18:27:21 +01:00
registergoofy
13881edbaa
export node logger ( #537 )
2020-12-14 14:12:22 +01:00
Thibault "bui" Koechlin
dbb420f79e
local api ( #482 )
...
Co-authored-by: AlteredCoder
Co-authored-by: erenJag
2020-11-30 10:37:17 +01:00
AlteredCoder
3801dcc277
fix parser tests
2020-08-23 23:34:12 +02:00
Thibault "bui" Koechlin
1956f52be5
add a warning when a grok pattern ends with \n ( #183 )
2020-08-20 15:07:50 +02:00
Thibault "bui" Koechlin
ceb69f0cef
documentation improvment ( #182 )
2020-08-07 09:40:43 +02:00
Thibault "bui" Koechlin
8128dcf61b
add more tests for pkg/parser (config loading) ( #172 )
2020-08-05 11:20:03 +02:00
AlteredCoder
d8f0f5a3a9
Add debug expr ( #168 )
...
* debug expr in node.go
* update documentation
Co-authored-by: AlteredCoder <AlteredCoder>
Co-authored-by: Thibault bui Koechlin <thibault@crowdsec.net>
2020-08-03 12:21:15 +02:00
erenJag
89c8d1a527
rename metrics and update metrics helps ( #152 )
...
* rename metrics and update metrics helps
* add meta info about crowdsec
Co-authored-by: erenJag <erenJag>
2020-07-29 15:03:15 +02:00
erenJag
44304a30e7
fix #124 ( #127 )
...
* fix #124
2020-07-09 12:41:18 +02:00
Thibault "bui" Koechlin
a0c1ca49d0
Doc : fix whitelists documentation + document data
for parsers/scenarios + document expr helpers + link taxonomy ( #126 )
2020-07-08 10:58:20 +02:00
Thibault "bui" Koechlin
7691e5b663
re-enable postoverflows ( #117 )
...
* re-enable postoverflows
* debug
* yoloooo
* remove debug
* remove error print
* fix test
* fix leakybucket test
* fix
Co-authored-by: AlteredCoder <AlteredCoder>
2020-07-02 17:56:39 +02:00
AlteredCoder
eef1847873
add whitelisted flag in signal occurence ( #114 )
2020-07-02 11:44:27 +02:00