Commit graph

61 commits

Author SHA1 Message Date
marco
39e6657cf3 watchdog 2024-04-22 13:10:36 +02:00
mmetc
5356ccc6cd
cron: spread server load when upgrading hub and data files (#2873) 2024-03-06 13:42:57 +01:00
mmetc
8e9e091656
systemd: check configuration before attempting reload (#2861) 2024-02-26 13:44:40 +01:00
Thibault "bui" Koechlin
19d36c0fb2
Support console options in console enroll (#2760)
* make dev.yaml has a valid/default console path

* simplify and make more consistent help message about console opts

* allow enroll to specify options to enable

* allow 'all' shortcut for --enable
2024-01-19 15:49:00 +01:00
Zafer Balkan
e1932ff01e
Used asterisk for Defender Firewall log name (#2671)
Log name is configurable. MD Docs recommend a log file per profile: https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/configure-logging?tabs=intune
2023-12-20 10:28:40 +01:00
mmetc
ffcab0b2bc
Refactor hub management and cscli commands (#2545) 2023-11-24 15:57:32 +01:00
mmetc
3c16139c44
Reduce log verbosity at startup (#2363)
A configuration syntax test is performed every time the service is
started from systemd. The resulting error, if any, is shown on
journalctl logs.
This PR removes the unnecessary output in crowdsec.log generated by the
configuration test.
2023-07-19 13:28:52 +02:00
mmetc
3b1f412e44
default config: simulation off -> false (yaml 1.2) (#2263) 2023-06-05 10:55:27 +02:00
blotus
8aca0ea860
update default windows acquisition configuration (#2195) 2023-05-12 13:47:01 +02:00
mmetc
b6be18ca65
cscli setup (#1923)
Detect running services and generate acquisition configuration
2023-02-06 07:33:04 +01:00
AlteredCoder
185f9ad541
Alert context (#1895)
Co-authored-by: bui <thibault@crowdsec.net>
2023-01-04 16:50:02 +01:00
mmetc
38b37db55b
systemd: same restart options across deb, rpm, wizard (#1948) 2022-12-28 10:13:05 +01:00
mmetc
fa0e590778
removed pid_dir (#1906) 2022-12-02 13:42:43 +01:00
mmetc
f860a037b5
randomize metric push time (#1852) 2022-11-04 14:54:03 +01:00
mmetc
344b1dc559
fixed package tests w/wal, gitignore/typos (#1849) 2022-10-31 10:02:51 +01:00
mmetc
df88f4e1e9
randomize pull, push and metric intervals; reload crowdsec only when hub changed (#1846) 2022-10-28 13:55:59 +02:00
Laurence Jones
c1334b9a8b
Test if cscli is installed if so run hub update and reload (#1827) 2022-10-20 12:59:39 +01:00
Laurence Jones
24b540ecde
Cronjob via packages (#1820)
* Final version
2022-10-18 16:11:48 +01:00
mmetc
2b7e3ff1e7
warn if no acquisition files are found, acquisition_test refactoring, tests (#1816) 2022-10-17 17:32:08 +02:00
blotus
8decbe7670
Properly handle service shutdown on windows (#1662) 2022-07-13 11:54:12 +02:00
he2ss
3d6f015211
Add duration expr to add duration formula (#1556)
* add duration expr to add duration formula
2022-06-22 11:29:52 +02:00
blotus
0449ec1868
Windows Support (#1159) 2022-05-17 12:14:59 +02:00
Thibault "bui" Koechlin
ddfe95e45d
user lumberjack rotate instead (#1492) 2022-04-28 17:19:03 +02:00
Shivam Sandbhor
023ac9e138
Add trusted IPs which have admin API access (#1352)
* Add trusted IPs which have admin API access
2022-03-16 17:28:34 +01:00
mmetc
81793fe8bf
dummy plugin (#1342) 2022-03-16 09:30:04 +01:00
Shivam Sandbhor
76e97303a5
Deprecate pid_file config (#1346)
* Deprecate pid_file config

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Fix unit test

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>

* Impl review suggestions.

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-03-16 09:23:49 +01:00
blotus
fb74b2fda7
Improve LAPI performance when under high load (#1273) 2022-02-17 17:52:04 +01:00
mmetc
8310c10ce3
console_config.yaml -> console.yaml (#1195) 2022-01-21 11:52:23 +01:00
Thibault "bui" Koechlin
6e92da76ad
lapi to capi : allow push of tainted/custom/manual decisions (#1154)
* add console command to control signal sharing
* modify metrics endpoint to add lastpush

Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-13 16:46:16 +01:00
Shivam Sandbhor
a6e405422c
Add email notification plugin. (#1013)
* Add email notification plugin.
* Add plugin binary to gitignore

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-01-06 11:20:59 +01:00
mmetc
7ca3625706
removed legacy cron script (#1040) 2021-11-02 17:00:03 +01:00
he2ss
db5ffb0040
Update test env (#987)
* update test_env
2021-09-24 18:06:30 +02:00
Cristian Nitescu
9d2cd58f31
#975 Mysql default parser: parse also lines with using password NO (#976) 2021-09-24 10:49:49 +02:00
Shivam Sandbhor
b8e24a1e0b
Make plugin runner configurable and run only registered plugins (#944)
* Make plugin runner configurable and run only registered plugins
2021-09-08 11:36:42 +02:00
Manuel Sabban
1d955f4258
fix plugins directories (#942)
* use usr over var for plugins
* add patch for debian directory
* patch rpm conf as well
* update directory structure
* modify config at build time
* use macros

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2021-09-07 17:18:55 +02:00
ThinkChaos
448a227079
Minor changes to specific logs (#900)
- Minor changes to specific logs
- Fix LAPI to not push signals to CAPI when disabled #907
2021-08-25 18:30:05 +02:00
Thibault "bui" Koechlin
950759f6d6
Output plugins (#878)
* Add plugin system for notifications (#857)
2021-08-25 11:43:29 +02:00
AlteredCoder
f2d14c8ca2
update the config.yaml file (#674) 2021-03-11 11:18:09 +01:00
Daniel B
09a63ab868
Remove pattern matching valid SSH disconnect (#668)
Fixes #177
2021-03-10 15:10:41 +01:00
Thibault "bui" Koechlin
22ada59393
Allow for acquisition files to be specified from a directory as well (#619)
* allow a acquisition_dir in crowdsec's config + change the behaviour of config loading so that it's working with a list instead. keep backward compat with acquisition_path

* remove the default behaviour of 'guessing' acquis path if param isn't present, and error
2021-02-17 13:55:36 +01:00
Thibault "bui" Koechlin
e74f221044
Fix default configurations (#597)
* fix default perms on SQLite file

* seed the prng securely

* fix defaults to enforce certificates verification

* ensure file is within path

* ensure the directory doesn't exist beforehand

* verify certificate by default

* disable http ip forward headers
2021-02-02 14:15:13 +01:00
AlteredCoder
1c005d6923
fix systemctl env (#535)
Co-authored-by: AlteredCoder <AlteredCoder>
2020-12-14 17:44:24 +01:00
erenJag
b6d73f48cd
Fix some bugs : update doc, codename and fix wizard (#522)
* change localhost to 127.0.0.1 + fix uninstall in wizard
* remove beta from repo
2020-12-08 12:45:36 +01:00
Thibault "bui" Koechlin
6dcc9e7810
change the hub branch for the upcoming release (#513) 2020-12-07 10:42:37 +01:00
AlteredCoder
8707140fb2
Fix documentation errors (#496) 2020-12-01 17:04:13 +01:00
Thibault "bui" Koechlin
e5487aacdb
Doc fix install (#494) 2020-12-01 15:08:36 +01:00
Thibault "bui" Koechlin
dbb420f79e
local api (#482)
Co-authored-by: AlteredCoder
Co-authored-by: erenJag
2020-11-30 10:37:17 +01:00
Thibault "bui" Koechlin
177480cff7
updated mysql plugin support (#135)
* add support for plugin, support mysql & so on

* fix queries

Co-authored-by: erenJag <erenJag>
Co-authored-by: AlteredCoder <AlteredCoder>
2020-07-16 16:05:03 +02:00
Thibault "bui" Koechlin
7fe6741df3
Simulation support (#136)
* support simulation mode
2020-07-16 15:59:09 +02:00
AlteredCoder
98297f741f don't profile in test env 2020-07-07 16:48:06 +02:00