Commit graph

1779 commits

Author SHA1 Message Date
Sebastien Blot
493880824b
add matched zones in context for appsec alerts 2023-12-06 13:24:03 +01:00
mmetc
fe78511b48
cscli: simplify generic item commands (#2641) 2023-12-06 12:09:27 +01:00
Sebastien Blot
0c61726971
propagate request_id/runner_id in more places for logging 2023-12-06 11:21:54 +01:00
bui
c9e4aebd00
up 2023-12-06 10:54:28 +01:00
bui
dce1f3cd8c
lower debug here, fix logging there 2023-12-06 10:48:03 +01:00
Sebastien Blot
00d899ee8e
rename struct in UnmarshalConfig 2023-12-06 10:35:04 +01:00
Sebastien Blot
25635a306f
propagate labels from acquis to appsec events 2023-12-06 10:27:29 +01:00
Sebastien Blot
5503b2374a
up 2023-12-05 17:32:03 +01:00
Sebastien Blot
169e39a4a9
fix log level propagation + log requests to the appsec engine 2023-12-05 17:22:59 +01:00
mmetc
f7c5726a0a
minor reverts and tweaks (#2639) 2023-12-05 17:06:25 +01:00
Sebastien Blot
0c030a3bb5
use fmt.Printf to make it more readable 2023-12-05 16:49:34 +01:00
Sebastien Blot
9b79a37eff
display crowdsec logs when nuclei tests fail 2023-12-05 16:23:14 +01:00
Marco Mariani
63f230b24b
remove hub-1.5.6 reference from github workflows 2023-12-05 14:55:44 +01:00
Sebastien Blot
17384368ae
merge master 2023-12-05 14:01:28 +01:00
Sebastien Blot
bd2c59b054
fix some tests 2023-12-05 13:55:49 +01:00
mmetc
1ab4487b65
cscli hub list: show only non-empty tables with -o human
* agent config: remove unused LintOnly bool
* Item.IsLocal() -> Item.State.IsLocal(); split method InstallStatus()
* cscli hub list: show only non-empty tables with -o human
2023-12-05 13:38:52 +01:00
mmetc
486f96e7ac
cscli context detect: fix nil dereference (#2635)
* cscli context detect: fix nil dereference
* Remove log.warning for missing pattern
2023-12-05 12:08:35 +01:00
mmetc
8bb7da3994
docker tests: force local machine creation (#2636)
This is required from 1.5.6 to overwrite the local credentials file
2023-12-05 11:52:04 +01:00
alteredCoder
91a6263b5b
use official way of getting metrics for acquisition 2023-12-05 11:00:23 +01:00
Sebastien Blot
aa02a00fc2
remove unused var 2023-12-05 10:57:02 +01:00
mmetc
0f3ae64062
cscli config show: pretty print with package "litter" (#2633) 2023-12-05 10:38:21 +01:00
Sebastien Blot
cce83d1bdc
appsec renaming, part 7 2023-12-05 09:48:56 +01:00
Sebastien Blot
b86ac92b11
appsec renaming, part 6 2023-12-05 01:02:41 +01:00
Sebastien Blot
bb307dd339
return an error if not appsec-rules matches 2023-12-05 01:01:15 +01:00
Sebastien Blot
52c1e16216
more debug when loading rules 2023-12-05 01:00:59 +01:00
Sebastien Blot
1a1f4f6169
do not spam with "unknown" metrics 2023-12-05 00:15:29 +01:00
Sebastien Blot
722ce46946
remove useless check 2023-12-04 23:48:48 +01:00
mmetc
0c4093dcca
Test for acquisition errors in crowdsec -t (#2629) 2023-12-04 23:09:42 +01:00
mmetc
23968e472d
Refact bouncer auth (#2456)
Co-authored-by: blotus <sebastien@crowdsec.net>
2023-12-04 23:06:01 +01:00
mmetc
a5ab73d458
cscli machines add: don't overwrite existing credential file (#2625)
* cscli machines add: don't overwrite existing credential file
* keep old behavior with --force
Now --force is used both to override the replacement of an existing machine,
and an existing credentials file. To retain the old behavior, the
existence of the file is only checked for the default configuration, not
if explicitly specified.
2023-12-04 22:59:52 +01:00
Sebastien Blot
059c0adb93
appsec renaming, part 5 2023-12-04 22:49:11 +01:00
Sebastien Blot
2089ad6663
appsec renaming, part 4 2023-12-04 22:36:25 +01:00
Sebastien Blot
8046690219
appsec renaming, part 3 2023-12-04 22:07:34 +01:00
Sebastien Blot
bff93d7b01
appsec renaming, part 2 2023-12-04 21:58:29 +01:00
Sebastien Blot
c3a4066646
appsec renaming, part 1 2023-12-04 21:41:51 +01:00
Sebastien Blot
42e1da2507
merge listen_addr and listen_port, default to 127.0.0.1:7442 if not set 2023-12-04 21:18:48 +01:00
Sebastien Blot
1c22783661
no need for any in helpers as we are not using expr.Function 2023-12-04 21:16:01 +01:00
Sebastien Blot
e637e7bf8b
Revert "use expr func"
This reverts commit ac451ccaf3.
2023-12-04 21:00:19 +01:00
Sebastien Blot
ac451ccaf3
use expr func 2023-12-04 21:00:09 +01:00
Laurence Jones
f8755be9cd
Fix format on documentation (#2577)
When generating decisions import, docusaurus v3 now does not allow `{` without escaping; this adds escaping
2023-12-04 15:52:14 +00:00
Sebastien Blot
b01901b04e
fix Remove{in,out}bandRuleBy{name,tag} for pre_eval 2023-12-04 15:13:11 +01:00
Sebastien Blot
cb030beaca
Fix Remove{in,out}bandby{name,tag} 2023-12-04 15:02:32 +01:00
Sebastien Blot
6fb965bb3f
add SetRemediationByTag/Name/ID 2023-12-04 14:01:10 +01:00
Laurence Jones
d1bfaddb69
[Plugin] Pass down ctx and use it (#2626)
* Pass down cancellable context and update http plugin

* Use context where we can
2023-12-04 12:05:26 +00:00
Laurence Jones
bfc92ca1c5
[Explain] Ignore blank lines as crowdsec will anyways (#2630)
* Ignore blank lines within file and stdin

* change cleanup to be persistent postrun so if we exit early it always cleans

* When using log flag we should add a newline so we know where EOF is

* Inverse the check for log line since we don't want to modify the line itself

* Wrap run explain with a function that returns the error after cleaning up

* Wrap run explain with a function that returns the error after cleanup

* Use a defer iif instead of global var

* Add invalid len input to err count so it is more obvious what is happening

---------

Co-authored-by: Manuel Sabban <github@sabban.eu>
2023-12-04 11:48:12 +00:00
Sebastien Blot
3d3bf0bb0e
lint 2023-12-04 11:46:01 +01:00
Sebastien Blot
393a8b8ef5
linting 2023-12-04 11:31:31 +01:00
Sebastien Blot
2a920124fe
return an error if a custom rule has both and and or 2023-12-04 11:08:58 +01:00
Laurence Jones
ed3d501081
[Metabase] QOL Changes and chown wal files (#2627)
* Add detection sqlite wal for dashboard chown

* Lean it down a little

* Change to for loop with extensions

* Keep existing uid on files in case user is running as an unprivileged user

* I have no idea 🤷

* Exclude dash.go and update windows

* Update

* Renam

* Remove the os check since we no longer get to this stage for those os's

---------

Co-authored-by: Manuel Sabban <github@sabban.eu>
2023-12-04 10:06:41 +00:00
Sebastien Blot
60faeaa7d7
add post_eval hook 2023-12-04 10:29:14 +01:00