Thibault "bui" Koechlin
e4dcdd2572
fix include_capi filter ( #2478 )
2023-09-20 11:56:00 +02:00
Thibault "bui" Koechlin
4c08e1e68c
exclude 'lists' too if we exclude CAPI ( #2474 )
2023-09-19 13:56:22 +02:00
Thibault "bui" Koechlin
0040569fa9
if 'include capi' is false, only exclude capi alerts instead of assuming they necessarily have attached decisions ( #2435 )
2023-09-12 11:19:36 +02:00
mmetc
d45bec4047
minor log message improvements ( #2455 )
2023-09-12 11:04:56 +02:00
mmetc
fd94e2c056
refactor alert/decisions insert/update to avoid database locking in bulk operations ( #2446 )
2023-09-04 14:21:45 +02:00
mmetc
25868f27de
option db_client.decision_bulk_size ( #2440 )
2023-08-25 17:05:17 +02:00
mmetc
e36df40ba7
pkg/types cleanup ( #2398 )
...
* move function GetLineCountForFile from pkg/types to cscli
* move ParseDuration from pkg/types to pkg/database
* remove unused types.Profile, types.RemediationProfile
2023-08-24 09:44:46 +02:00
mmetc
9967d60987
errors.Wrap -> fmt.Errorf ( #2333 )
2023-07-06 10:14:45 +02:00
mmetc
85839b0199
support for stdin with "cscli decision import" and raw values ( #2291 )
...
and remove Origin from the struct, which was ignored anyway
2023-06-27 14:29:42 +02:00
mmetc
8bfeb7d90d
Update go dependencies ( #2293 )
...
- update fatih/color (fix windows issue)
- update mongo-driver (fix build issue)
- go.mod: merge two "require" blocks
- update semver dependency (same version as indirect dep), fix test checks in cscli setup
- remove gotest.tools dependency (use testify, cstest)
- update x/ exp, mod, sys dependencies
2023-06-22 11:31:41 +02:00
mmetc
f7409d47be
fix error message when failing to parse ip address ( #2292 )
...
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
2023-06-21 09:22:25 +02:00
Thibault "bui" Koechlin
8f71edaadd
do not error on this filter ( #2182 )
2023-05-04 13:06:15 +02:00
Thibault "bui" Koechlin
3041023ed8
add an optional flag to disable the fetch ( #2169 )
2023-04-14 11:39:16 +02:00
mmetc
20a1bc7d44
chore: simplify pkg/database/alerts ( #2062 )
2023-02-23 10:25:01 +01:00
mmetc
76ea3a063f
fix message "empty scenario"
2023-02-21 09:59:56 +01:00
Cristian Nitescu
987f119c4b
v3 capi and blocklists links support ( #2019 )
...
* v3 model generation
* v3 model generation
* comms
* fixes after master merge
* missing reader close
* use constants defined for types
---------
Co-authored-by: bui <thibault@crowdsec.net>
2023-02-06 14:06:14 +01:00
Thibault "bui" Koechlin
e927717fa0
Polling API Integration ( #1715 )
...
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2023-01-31 14:47:44 +01:00
blotus
b7c4bfd4e3
Use explicit transaction when inserting community blocklist ( #1835 )
2022-10-26 10:48:17 +02:00
blotus
bb2f0e938f
Blocklist: Do not duplicate decisions when pulling ( #1796 )
2022-10-19 15:51:40 +02:00
Thibault "bui" Koechlin
ae6bf39495
support decisions deletion via scenario + alerts delete via ID ( #1798 )
2022-10-19 14:37:27 +02:00
Shivam Sandbhor
74659a82ab
Fast bulk alert delete ( #1791 )
2022-10-07 12:40:30 +02:00
mmetc
9b3be5c2e8
Bulk delete alert optimization ( #1782 )
2022-10-05 17:07:44 +02:00
AlteredCoder
02e0f3c095
Fix event.timestamp pointer usage ( #1621 )
...
* Fix event.timestamp pointer usage
* avoid returning an error when creating alerts if something goes wrong during the parsing
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2022-06-30 17:35:42 +02:00
Thibault "bui" Koechlin
15902dcba6
fix #1615 : cleanup based on heartbeat instead ( #1617 )
2022-06-29 13:21:58 +02:00
mmetc
628d7be1d8
simplify err.Error() to err when used in printf context ( #1603 )
2022-06-22 15:53:53 +02:00
he2ss
3d6f015211
Add duration expr to add duration formula ( #1556 )
...
* add duration expr to add duration formula
2022-06-22 11:29:52 +02:00
Thibault "bui" Koechlin
a6ed08b239
Add alerts and decisions metrics, LAPI and agent timing prom metrics ( #1546 )
2022-06-22 11:14:34 +02:00
mmetc
d71279f023
added flag crowdsec --warning ( #1461 )
2022-06-22 09:38:23 +02:00
mmetc
10585bfecc
enabled linters and fixes for: misspell, predeclared, unconvert, ineffassign, gosimple, govet ( #1595 )
2022-06-16 14:41:54 +02:00
blotus
9c1b78395a
reduce verbosity of TLS auth and FlushAgentsAndBouncers ( #1588 )
2022-06-13 16:08:00 +02:00
Thibault "bui" Koechlin
1c0fe09576
Add support for certificate authentication for agents and bouncers ( #1428 )
2022-06-08 16:05:52 +02:00
he2ss
e88e9946f9
Crowdsec/decisions_stream bug fix ( #1517 )
...
* Fix bug when stream interval is greater or equal to 60s
Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-05-27 15:23:59 +02:00
AlteredCoder
a645c928d4
Fix decisions list with --no-simu flag ( #1482 )
...
* Fix decisions list with --no-simu flag
2022-04-27 11:05:40 +02:00
mmetc
4b9a0c4ef7
typos ( #1453 )
2022-04-19 11:25:27 +02:00
mmetc
7c0593c659
noop code removal, typos and lint fixes ( #1329 )
2022-03-09 16:15:18 +01:00
Thibault "bui" Koechlin
cc1ab8c50d
switch to utc time everywhere ( #1167 )
...
* switch to utc time everywhere
Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-19 14:56:05 +01:00
AlteredCoder
b1a7ffb92f
fix postgreSQL count fail ( #1184 )
2022-01-19 14:50:53 +01:00
Thibault "bui" Koechlin
3bca25fd6d
lists support from central api ( #1074 )
...
* lists support from central api
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2022-01-11 14:31:51 +01:00
AlteredCoder
d913ac160e
fix create alert bulk for decisions insertion ( #1107 )
...
* fix create alert bulk for decisions insertion
2021-12-16 18:26:19 +01:00
AlteredCoder
88d06260d7
add cscli decisions import ( #1038 )
...
* add cscli decisions import
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: bui <thibault@crowdsec.net>
2021-12-15 11:39:37 +01:00
blotus
dd03d07355
optimize the flush function by deleting alerts based on their id ( #1054 )
2021-11-17 10:15:38 +01:00
AlteredCoder
fb54388e93
Fix issue 1033 ( #1034 )
...
* Fix issue 1033
2021-11-02 12:16:33 +01:00
blotus
25a2d528b0
Alerts flush: Optimization of the flush mechanism (batch and limit to one job) + add cscli alerts flush
command ( #1024 )
...
- Don't allow running more than one alert flush job at a time to prevent runaway CPU usage in some case. (fix High CPU after Upgrade to 1.2.0 #1022 )
- Add a cscli alerts flush command to manually flush the alerts in the database (fixes Improvement/Manual flush mechanism #1023 ).
- Enable cascading deletion on alerts as we upgraded ent: Deleting an alert in the database will automatically delete all related decisions, events and meta
- Add an index on alerts.id to try to improve flush performance with very big sqlite database.
- Flush alert now operates in batch
2021-10-26 13:33:45 +02:00
Thibault "bui" Koechlin
589cb72d41
enforce a bit more parsing for resillience ( #928 )
2021-09-02 12:34:20 +02:00
Thibault "bui" Koechlin
c188d401a3
Improve CAPI pull management ( #871 )
...
* prepare for new consensus : thousands of ips
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2021-08-25 11:45:29 +02:00
Thibault "bui" Koechlin
fc7369c4ea
Fix big serialized entries ( #877 )
...
* bump serialized to 8k
* handle oversized serialized entry : progressively strip its size down
2021-08-03 15:46:10 +02:00
Thibault "bui" Koechlin
f881510f79
delete orphan nodes ( fix #778 ) ( #794 )
...
* delete orphan nodes (for #778 and partially #781 )
* and do it as well for decisions
2021-05-17 11:45:01 +02:00
AlteredCoder
c1abf69979
fix #677 ( #684 )
2021-03-12 15:10:56 +01:00
AlteredCoder
5544000d38
lapi: fix ipv6 operations ( #567 )
2021-01-14 16:27:45 +01:00
Thibault "bui" Koechlin
2e76097d35
Fix overflows of overflows requesting for different decision scope ( #499 )
2020-12-02 17:15:48 +01:00