Commit graph

601 commits

Author SHA1 Message Date
alteredCoder
84b6570554 Revert "Merge remote-tracking branch 'origin' into coraza_poc_acquis"
This reverts commit 7098e971c7, reversing
changes made to 13512891e4.
2023-07-04 18:46:20 +02:00
alteredCoder
7098e971c7 Merge remote-tracking branch 'origin' into coraza_poc_acquis 2023-07-04 17:42:39 +02:00
alteredCoder
13512891e4 add waf_routines 2023-07-04 17:36:56 +02:00
mmetc
17cd792826
CI: update ansible tests for re2 (#2318) 2023-06-29 16:35:19 +02:00
mmetc
bd41f855cf
errors.Wrap -> fmt.Errorf (#2317) 2023-06-29 11:34:59 +02:00
blotus
e61d5a3034
rename status to state in fire response (#2313) 2023-06-29 11:06:49 +02:00
mmetc
893394ef5f
rename metabase APIClient to avoid confusion (#2305) 2023-06-27 15:07:16 +02:00
mmetc
e404e0b608
raise error with invalid 'on_success', 'on_failure' in profile (#2303) 2023-06-27 15:03:07 +02:00
mmetc
85839b0199
support for stdin with "cscli decision import" and raw values (#2291)
and remove Origin from the struct, which was ignored anyway
2023-06-27 14:29:42 +02:00
mmetc
a910b7beca
non-fatal error if some datasource can't be run (i.e. journalctl but systemd is missing) (#2309)
This, on the other hand, gives a new fatal error when there are no valid datasources.
In the previous version, crowdsec kept running with just a warning if no
acquisition yaml or dir were specified.
2023-06-27 10:13:13 +02:00
mmetc
507da49b5a
send metrics immediately if agents are added or removed (#2296) 2023-06-23 14:06:04 +02:00
mmetc
9beb5388cb
errors.Wrap -> fmt.Errorf; clean up imports (#2301) 2023-06-23 14:04:58 +02:00
mmetc
e42841cd00
Change api_key encoding to base64 to comply with bcrypt max size (#2302) 2023-06-23 13:54:36 +02:00
mmetc
62caffb102
update leakybucket readme (#2298) 2023-06-22 15:35:01 +02:00
mmetc
fddf597040
errors.Wrap -> fmt.Errorf; clean up imports (#2297) 2023-06-22 15:01:34 +02:00
mmetc
8bfeb7d90d
Update go dependencies (#2293)
- update fatih/color (fix windows issue)
- update mongo-driver (fix build issue)
- go.mod: merge two "require" blocks
- update semver dependency (same version as indirect dep), fix test checks in cscli setup
- remove gotest.tools dependency (use testify, cstest)
- update x/ exp, mod, sys dependencies
2023-06-22 11:31:41 +02:00
Emanuel Seemann
40e6b205bc
Add bayesian bucket type (#2290) 2023-06-21 15:08:27 +02:00
mmetc
da6106bd23
spellcheck/style leakybucket readme (#2294) 2023-06-21 11:47:07 +02:00
mmetc
f7409d47be
fix error message when failing to parse ip address (#2292)
Co-authored-by: Thibault "bui" Koechlin <thibault@crowdsec.net>
2023-06-21 09:22:25 +02:00
Laurence Jones
2c8769adf6
Update jsonextract.go (#2287)
Return nil instead of empty string as ParseKV does the same
2023-06-16 18:34:55 +01:00
Sebastien Blot
3fe6e3be14
check for interruption and ignore empty messages 2023-06-16 16:52:01 +02:00
alteredCoder
877d4fc32d update 2023-06-16 14:23:53 +02:00
alteredCoder
07b60233db update waf 2023-06-16 12:19:44 +02:00
Sebastien Blot
9180ac7be9
wip 2023-06-15 22:51:57 +02:00
Sebastien Blot
805752dc62
wip 2023-06-13 17:08:48 +02:00
alteredCoder
40f65de7b9 optim 2023-06-13 16:31:30 +02:00
alteredCoder
fa172bed56 up 2023-06-13 15:41:32 +02:00
mmetc
b9a3acb03f
light pkg/parser cleanup (#2279)
* pkg/parser: clean up imports
* remove duplicate import
* simplify boolean expression
* don't check length before range
* if..else if.. -> switch/case
* errors.Wrap -> fmt.Errorf
* typo, lint
* redundant break
2023-06-13 13:16:13 +02:00
Sebastien Blot
a2e6359880
merge 2023-06-09 13:01:58 +02:00
Sebastien Blot
c46e2ccdad
up 2023-06-09 13:00:43 +02:00
alteredCoder
61e1cc29d5 update 2023-06-08 17:45:21 +02:00
mmetc
76429f033a
trim pkg/types: move DataSet/GetData to pkg/cwhub, removed unused Clone function (#2271) 2023-06-08 16:49:51 +02:00
mmetc
cf747d65e0
fix missing import (#2275) 2023-06-08 15:49:37 +02:00
mmetc
25bb23d8b7
minor refactor to pkg/types, cscli machines (#2270)
* cleanup: separate ui and logic
* trim some code from pkg/types
2023-06-08 15:08:51 +02:00
mmetc
6096cb3c9b
Move grok_pattern.go away from pkg/types to trim bouncer dependencies (#2269) 2023-06-08 15:07:30 +02:00
mmetc
8da9d5eefd
don't log notification error if not running under systemd (#2274) 2023-06-08 15:04:48 +02:00
Sebastien Blot
415e2dc68d
merge 2023-06-08 11:22:16 +02:00
bui
739d086325 up 2023-06-07 14:12:42 +02:00
bui
30455a8eb6 progress 2023-06-07 13:45:36 +02:00
mmetc
5b3200173e
don't pre-create log files (not required anymore) (#2267)
The lumberjack package fixed the issue in natefinch/lumberjack#83 (tested with umask 002) and this code is now redundant since we updated the dependency to v2.2.1.
2023-06-07 12:58:35 +02:00
bui
d123254949 wip 2023-06-06 18:28:06 +02:00
Thibault "bui" Koechlin
ee8b31348b
Merge branch 'master' into coraza_poc_acquis 2023-06-06 18:23:59 +02:00
mmetc
edd062522d
build against libre2-dev if found (#2255) 2023-06-06 15:46:25 +02:00
mmetc
3cc6b2c0d0
CI: add tests for metrics configuration (#2251) 2023-06-05 23:17:30 +02:00
mmetc
0191faf3a8
update notif threshold test on windows (#2265) 2023-06-05 22:58:13 +02:00
Sebastien Blot
4a7e26af02
wip 2023-06-05 19:33:03 +02:00
Sebastien Blot
a7d80aacd6
merge coraza poc branch 2023-06-05 14:37:39 +02:00
Sebastien Blot
7078d79ce4
merge 2023-06-05 14:30:14 +02:00
Sebastien Blot
65884fb4be
wip 2023-06-05 14:22:35 +02:00
mmetc
e3cb4ab2c4
do not send more than group_threshold alerts at once to a notification plugin (#2264)
* do not send more than group_threshold alerts at once to a notification plugin
* Use generic Chunks function, updated tests

---------

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2023-06-05 12:55:03 +02:00