blotus
332af5dd8d
appsec: split return code for bouncer and user ( #2821 )
2024-02-09 14:39:34 +01:00
Laurence Jones
fa56d35a48
[Loki] Set headers/basic auth if set for queryRange ( #2815 )
2024-02-09 14:37:49 +01:00
mmetc
df159b0167
update calls to deprecated x509 methods ( #2824 )
2024-02-09 13:55:24 +01:00
Thibault "bui" Koechlin
3208a40ef3
Dedicated whitelist metrics ( #2813 )
...
* add proper whitelist metrics : both its own table and an extension to acquis metrics to track discarded/whitelisted lines
2024-02-06 18:04:17 +01:00
mmetc
4160bb8102
refact "cscli decisions" ( #2804 )
...
* refact "cscli decisions"
* CI: relax mysql test timing
* lint
2024-02-01 22:36:21 +01:00
mmetc
4192af30d5
refact "cscli bouncers" ( #2776 )
2024-01-31 12:40:41 +01:00
mmetc
6507e8f4cd
cscli: don't print use_wal warning ( #2794 )
2024-01-30 11:07:53 +01:00
mmetc
91b0fce955
option to override hub url template. for testers only. ( #2785 )
2024-01-25 12:53:20 +01:00
mmetc
f75cdeb239
lint: enalble linter "wastedassign" ( #2772 )
2024-01-24 17:31:11 +01:00
mmetc
4b8e6cd780
appsec: avoid nil dereference ( #2773 )
2024-01-23 09:32:41 +01:00
blotus
84606eb207
Appsec hooks fixes ( #2769 )
2024-01-22 13:33:20 +01:00
mmetc
dc698ecea8
log "loading papi client" only if papi is enabled ( #2762 )
2024-01-22 13:25:36 +01:00
mmetc
455acf7c90
lapi/papi: when receiving alerts, log and discard invalid addr/range ( #2708 )
...
https://github.com/crowdsecurity/crowdsec/issues/2687
2024-01-22 12:24:26 +01:00
Thibault "bui" Koechlin
19d36c0fb2
Support console options
in console enroll
( #2760 )
...
* make dev.yaml has a valid/default console path
* simplify and make more consistent help message about console opts
* allow enroll to specify options to enable
* allow 'all' shortcut for --enable
2024-01-19 15:49:00 +01:00
mmetc
6ffb68322f
pkg/hubtest: split hubtest_item.go ( #2753 )
...
* split hubtest_item.go, update linter config
* extract loops to methods
* split installParser
* split installScenario
* split installPostoverflow
* split installAppsecRule
* generalize method installHubItems()
2024-01-18 11:09:14 +01:00
mmetc
d760b401e6
apiclient: split auth_key, auth_retry, auth_jwt ( #2743 )
2024-01-17 15:08:41 +01:00
Laurence Jones
4df4e5b3bf
[parser/scenarios] defer yaml file closure ( #2689 )
...
* Defer close the fd's
* Convert fatals into return with errors
2024-01-17 12:09:01 +01:00
AlteredCoder
70e8377c0d
Fix appsec evt send order ( #2749 )
2024-01-17 11:59:31 +01:00
Thibault "bui" Koechlin
685cda545b
fix the reload process for appsec ( #2750 )
2024-01-17 11:54:44 +01:00
AlteredCoder
a52f1b75ff
Don't close the body of the request ( #2747 )
2024-01-16 17:23:35 +01:00
mmetc
08794c5b6d
[appsec] waf tester ( #2746 )
2024-01-16 11:39:23 +01:00
AlteredCoder
a65223aa5b
Add original http request to hooks ( #2740 )
2024-01-16 10:33:44 +01:00
mmetc
24b5e8f100
Fix #2733 "cscli hang forever when i try to delete a decision" ( #2745 )
2024-01-16 09:16:21 +01:00
mmetc
c6e4762f28
apiserver: remove cached field isEnrolled ( #2744 )
...
not worth it just to avoid parsing a string twice
2024-01-16 09:14:33 +01:00
blotus
6acbcb0a33
Various appsec fixes ( #2742 )
2024-01-15 16:38:11 +01:00
blotus
e452dc80bd
ignore native modsec rules that were either pass or allow ( #2684 )
2024-01-15 15:12:02 +01:00
blotus
fd309134a2
log death reason of file reader if available ( #2721 )
2024-01-15 15:00:49 +01:00
mmetc
48f011dc1c
apiclient/apiserver: lint/2 ( #2741 )
2024-01-15 12:38:31 +01:00
mmetc
75d8ad9798
apiclient/apiserver: lint ( #2739 )
2024-01-15 11:44:38 +01:00
Thibault "bui" Koechlin
6ca053ca67
fix #2720 #2719 ( #2724 )
...
* fix order of display of parsers
* add a --no-clean opt
2024-01-15 09:16:03 +01:00
mmetc
1e0bcedef5
Ignore missing console/context.yaml if not explicitly required by config.yaml ( #2726 )
2024-01-12 16:29:04 +01:00
mmetc
733f5e165b
csprofiles: fix default decision duration, lint ( #2703 )
...
* return nil with errors
* errors.Wrap -> fmt.Errorf
* var -> const
* fix default decision duration
* lint (whitespace)
2024-01-12 15:18:59 +01:00
mmetc
fca8883cd9
cscli capi status -> message for missing credentials ( #2730 )
...
* cscli capi status -> message for missing credentials
* lint
2024-01-12 14:41:36 +01:00
Thibault "bui" Koechlin
896dfefcdf
[appsec] implement count transformation ( #2698 )
...
* implement count transfo
2024-01-12 14:30:08 +01:00
mmetc
6960419a2e
Remove redundant file check for capi_whitelists_path ( #2728 )
2024-01-12 14:17:01 +01:00
Thibault "bui" Koechlin
adba4e2a2f
fix multizone multivar ( #2727 )
2024-01-12 10:11:13 +01:00
mmetc
260f5a7992
pkg/cwhub: improve error messages ( #2712 )
...
* pkg/cwhub: improve error messages
* lint
2024-01-11 10:28:58 +01:00
mmetc
437a97510a
apiclient: handle 0-byte error response ( #2716 )
...
* apiclient: correctly handle 0-byte response
* lint
2024-01-10 12:00:22 +01:00
mmetc
f306d59016
logging: full timestamp with timezone in crowdsec.log ( #2707 )
...
RFC3339 = "2006-01-02T15:04:05Z07:00" (same as /var/log/syslog)
2024-01-08 21:20:25 +01:00
mmetc
5622ac8338
CI: enable testifylint ( #2696 )
...
- reverse actual and expected values
- use assert.False, assert.True
- use assert.Len, assert.Emtpy
- use require.Error, require.NoError
- use assert.InDelta
2024-01-05 15:26:13 +01:00
mmetc
da746f77d5
apiserver/apiclient: compact tests ( #2694 )
...
* apiserver/apiclient: compact tests
* update golangci-lint configuration
2024-01-04 17:10:36 +01:00
Thibault "bui" Koechlin
1c03fbe99e
minor waf fixes ( #2693 )
2024-01-03 17:19:48 +01:00
mmetc
a504113186
lint (wsl) ( #2692 )
2024-01-03 10:55:41 +01:00
mmetc
2a2b09b52a
cwhub: install --force repair tainted, non-installed items ( #2686 )
2024-01-03 10:08:45 +01:00
mmetc
ca784b147b
test and log fixes ( #2690 )
...
* cscli inspect: suggest --diff if an item is tainted
* appropriate warning, or error if context configuration file is empty
* fix user/group lookup unit test
* fix: allow hub upgrade --force with local items
* fix pkg/parser lookup for 8.8.8.8
* fix func test
* fix hubtests: machines add --force
2024-01-03 09:33:52 +01:00
blotus
b6f272d09a
always set the transaction in the current request ( #2682 )
2023-12-22 11:44:06 +01:00
blotus
a62e28fdfb
always set inband transaction even if we have no rules ( #2681 )
2023-12-22 10:18:35 +01:00
blotus
33e3fdabe4
Appsec additional fixes ( #2676 )
2023-12-21 11:51:04 +01:00
mmetc
6e34d609b7
cscli: silence cwhub logger for non-hub related commands ( #2675 )
2023-12-19 17:20:09 +01:00
mmetc
822fcdacbb
fflags: don't print deprecation warning if there is no message (papi) ( #2666 )
2023-12-18 09:35:57 +01:00