beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
1609 commits 83 branches 177 tags 151 MiB
Commit graph

372 commits

Author SHA1 Message Date
Thibault "bui" Koechlin
3208a40ef3
Dedicated whitelist metrics (#2813) 
* add proper whitelist metrics : both its own table and an extension to acquis metrics to track discarded/whitelisted lines
 2024-02-06 18:04:17 +01:00
mmetc
4e724f6c0a
refact "cscli" root cmd (#2811) 
* refact "cscli" root cmd
* lint (naming, imports, whitespace)
 2024-02-06 10:50:28 +01:00
mmetc
fdc525164a
refact "cscli metrics" part 3 (#2807) 2024-02-06 10:07:05 +01:00
mmetc
81acad0d66
refact "cscli metrics" part 2 (#2806) 2024-02-02 10:40:55 +01:00
mmetc
5ff8a03195
refact "cscli metrics" par 1 (#2805) 2024-02-02 09:45:03 +01:00
mmetc
4160bb8102
refact "cscli decisions" (#2804) 
* refact "cscli decisions"
* CI: relax mysql test timing
* lint
 2024-02-01 22:36:21 +01:00
mmetc
f5fbe4a200
refact "cscli dashboard" (#2803) 2024-02-01 17:27:15 +01:00
mmetc
45c669fb65
refact "cscli papi" (#2802) 2024-02-01 17:27:00 +01:00
mmetc
825c08aa9d
refact "cscli simulation" (#2801) 2024-02-01 17:26:46 +01:00
mmetc
af14f1085f
refact "cscli <itemtype>" (#2782) 2024-02-01 17:26:06 +01:00
mmetc
e6f5d157b8
refact "cscli hub" (#2800) 2024-02-01 17:25:29 +01:00
mmetc
785fce4dc7
refact "cscli alerts" (#2778) 2024-02-01 17:24:00 +01:00
mmetc
17db4cb970
refact "cscli machines" (#2777) 2024-02-01 17:22:52 +01:00
mmetc
4192af30d5
refact "cscli bouncers" (#2776) 2024-01-31 12:40:41 +01:00
mmetc
6507e8f4cd
cscli: don't print use_wal warning (#2794) 2024-01-30 11:07:53 +01:00
mmetc
91b0fce955
option to override hub url template. for testers only. (#2785) 2024-01-25 12:53:20 +01:00
mmetc
8c75efdb2a
lint: disallow naked returns (#2771) 2024-01-24 17:31:34 +01:00
mmetc
f75cdeb239
lint: enalble linter "wastedassign" (#2772) 2024-01-24 17:31:11 +01:00
mmetc
455acf7c90
lapi/papi: when receiving alerts, log and discard invalid addr/range (#2708) 
https://github.com/crowdsecurity/crowdsec/issues/2687
 2024-01-22 12:24:26 +01:00
Thibault "bui" Koechlin
19d36c0fb2
Support console options in console enroll (#2760) 
* make dev.yaml has a valid/default console path

* simplify and make more consistent help message about console opts

* allow enroll to specify options to enable

* allow 'all' shortcut for --enable
 2024-01-19 15:49:00 +01:00
Thibault "bui" Koechlin
6ca053ca67
fix #2720 #2719 (#2724) 
* fix order of display of parsers

* add a --no-clean opt
 2024-01-15 09:16:03 +01:00
mmetc
fca8883cd9
cscli capi status -> message for missing credentials (#2730) 
* cscli capi status -> message for missing credentials
* lint
 2024-01-12 14:41:36 +01:00
mmetc
260f5a7992
pkg/cwhub: improve error messages (#2712) 
* pkg/cwhub: improve error messages
* lint
 2024-01-11 10:28:58 +01:00
mmetc
f306d59016
logging: full timestamp with timezone in crowdsec.log (#2707) 
RFC3339 = "2006-01-02T15:04:05Z07:00" (same as /var/log/syslog)
 2024-01-08 21:20:25 +01:00
AlteredCoder
bd47dac6a3
Fix #2697 (#2702) 
* Print also sec lang rules in cscli inspect
 2024-01-08 16:44:05 +01:00
mmetc
a504113186
lint (wsl) (#2692) 2024-01-03 10:55:41 +01:00
mmetc
ca784b147b
test and log fixes (#2690) 
* cscli inspect: suggest --diff if an item is tainted
* appropriate warning, or error if context configuration file is empty
* fix user/group lookup unit test
* fix: allow hub upgrade --force with local items
* fix pkg/parser lookup for 8.8.8.8
* fix func test
* fix hubtests: machines add --force
 2024-01-03 09:33:52 +01:00
Laurence Jones
bc9bfa81b2
[notifications] fix segfault because url is not loaded (#2679) 2023-12-21 12:27:34 +00:00
Laurence Jones
2212c2f847
[notifications] Fix bug, list show non active (#2678) 
* Fix bug, show non active notifications and sort based on profiles

* diff fix
 2023-12-21 11:16:54 +00:00
blotus
33e3fdabe4
Appsec additional fixes (#2676) 2023-12-21 11:51:04 +01:00
mmetc
6e34d609b7
cscli: silence cwhub logger for non-hub related commands (#2675) 2023-12-19 17:20:09 +01:00
mmetc
08694adf1b
lint (errorlint) (#2644) 2023-12-18 09:35:28 +01:00
mmetc
a79fcaf378
Add "taintedBy" and "--diff" flag to cscli... inspect (#2665) 
* "cscli inspect" reports tainted sub-items
* cscli... inspect --diff
* unified diff
* option --diff --rev
* tainted message
* correctly report multiple taint reasons
 2023-12-15 15:27:22 +01:00
mmetc
a851e14c88
improve deprecation message with file location (#2662) 
* better "lapi context" messages
* func tests: include all items in hub_purge_all
* docker + tests: update yq
 2023-12-14 16:11:11 +01:00
AlteredCoder
a941576acc
Improvement to run hubtest for appsec in docker (#2660) 2023-12-14 16:05:16 +01:00
mmetc
67cdf91f94
Short build tag in version number (#2658) 
* use short commit hash in version number
* var -> const
* cscli: extract version.go, doc.go
* don't repeat commit hash in version number
 2023-12-14 09:16:38 +01:00
Thibault "bui" Koechlin
51f70e47e3
Minor improvements to hubtest and appsec component (#2656) 2023-12-13 17:45:56 +01:00
mmetc
12d9fba4b3
cscli machines: lint + write output to stdout instead of log (#2657) 
* feedback on stdout, not log.Info
* rename parameters to silence warnings from "unusedparams"
* debian postinst: skip duplicate warnings with 'cscli machines add'
* rpm postinst: skip duplicate warnings in 'cscli machines add'
* update func tests
* debian prerm: if dashboard remove fails, explain it's ok
* debian prerm: suppress warnings about wal, capi when attempting to remove the dashboard
* wizard.sh: log format like crowdsec
 2023-12-13 15:43:46 +01:00
mmetc
c10aad79d9
cscli refact / encapsulate methods for capi, hubtest, dashboard, alerts, decisions, simulation (#2650) 2023-12-11 10:32:54 +01:00
blotus
04f3dc09f9
remove PAPI feature flag (#2601) 2023-12-08 14:55:45 +01:00
mmetc
84cbff16d4
restrict file permissions from "machines add" (#2648) 2023-12-08 10:51:15 +01:00
mmetc
4acb4f8df3
cwhub: context type (#2631) 
* add hub type "context"
* cscli lapi: log.Fatal -> fmt.Errorf; lint
* tests for context.yaml
* load console context from hub
* original & compiled context
* deprecate "cscli lapi context delete"
$ cscli lapi context delete
Command "delete" is deprecated, please manually edit the context file.
* cscli completion: add appsec-rules, appsec-configs, explain, hubtest
 2023-12-07 16:20:13 +01:00
mmetc
3e86f52250
cscli refact - encapsulation with types (#2643) 
* refactor type cliHub, cliBouncers, cliMachines, cliPapi, cliNotifications, cliSupport, type cliExplain
 2023-12-07 14:36:35 +01:00
Thibault "bui" Koechlin
8cca4346a5
Application Security Engine Support (#2273) 
Add a new datasource that:
- Receives HTTP requests from remediation components
- Apply rules on them to determine whether they are malicious or not
- Rules can be evaluated in-band (the remediation component will block the request directly) or out-band (the RC will let the request through, but crowdsec can still process the rule matches with scenarios)

The PR also adds support for 2 new hub items:
- appsec-configs: Configure the Application Security Engine (which rules to load, in which phase)
- appsec-rules: a rule that is added in the Application Security Engine (can use either our own format, or seclang)

---------

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: mmetc <92726601+mmetc@users.noreply.github.com>
Co-authored-by: Marco Mariani <marco@crowdsec.net>
 2023-12-07 12:21:04 +01:00
mmetc
1ab4487b65
cscli hub list: show only non-empty tables with -o human 
* agent config: remove unused LintOnly bool
* Item.IsLocal() -> Item.State.IsLocal(); split method InstallStatus()
* cscli hub list: show only non-empty tables with -o human
 2023-12-05 13:38:52 +01:00
mmetc
486f96e7ac
cscli context detect: fix nil dereference (#2635) 
* cscli context detect: fix nil dereference
* Remove log.warning for missing pattern
 2023-12-05 12:08:35 +01:00
mmetc
0f3ae64062
cscli config show: pretty print with package "litter" (#2633) 2023-12-05 10:38:21 +01:00
mmetc
23968e472d
Refact bouncer auth (#2456) 
Co-authored-by: blotus <sebastien@crowdsec.net>
 2023-12-04 23:06:01 +01:00
mmetc
a5ab73d458
cscli machines add: don't overwrite existing credential file (#2625) 
* cscli machines add: don't overwrite existing credential file
* keep old behavior with --force
Now --force is used both to override the replacement of and existing machine,
and an existing credentials file. To retain the old behavior, the
existence of the file is only checked for the default configuration, not
if explicitly specified.
 2023-12-04 22:59:52 +01:00
Laurence Jones
f8755be9cd
Fix formt on documentation (#2577) 
When generating decisions import docusarus v3 now does not allow `{` without escaping this adds escaping
 2023-12-04 15:52:14 +00:00