Commit graph

58 commits

Author SHA1 Message Date
blotus
772d5b5c32
Add experimental support for re2 (#2138) 2023-03-28 16:26:47 +02:00
Thibault "bui" Koechlin
618be9ff68
properly update the time structure within event (#2122)
* properly update the time structure within event to ensure it works in time-machine

* move LIVE and TIMEMACHINE to pkg/types : less code needs to import leakybucket package, and we avoid duplicating constants
2023-03-16 16:25:50 +01:00
Thibault "bui" Koechlin
5b0fe4b7f1
support for regexps result cache (#2104)
* support for regexps result cache : gcache + xxhash

Co-authored-by: Marco Mariani <marco@crowdsec.net>
2023-03-08 16:07:49 +01:00
blotus
85ab9c68a2
Add cscli papi status and cscli papi sync (#2091) 2023-03-03 13:46:28 +01:00
Thibault "bui" Koechlin
a0b264047c
allow user to specify stash's cache strategy (#2037) 2023-02-06 15:42:55 +01:00
Cristian Nitescu
987f119c4b
v3 capi and blocklists links support (#2019)
* v3 model generation

* v3 model generation

* comms

* fixes after master merge

* missing reader close

* use constants defined for types

---------

Co-authored-by: bui <thibault@crowdsec.net>
2023-02-06 14:06:14 +01:00
AlteredCoder
7e871d2278
rename PAPI base URL (#2033) 2023-02-03 12:10:02 +01:00
Thibault "bui" Koechlin
e927717fa0
Polling API Integration (#1715)
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2023-01-31 14:47:44 +01:00
Thibault "bui" Koechlin
6fb962a941
Allow parsers to capture data for future enrichment (#1969)
* Allow parsers to capture data in a cache, that can be later accessed via expr helpers (fake multi-line support)
2023-01-11 15:01:02 +01:00
blotus
fdda940ac0
Add Kubernetes audit acquisition (#1767) 2022-12-06 13:47:29 +01:00
mmetc
895691dad1
enabled linters: gocritic, nilerr (#1853) 2022-11-07 10:36:50 +01:00
mmetc
ddd75eae9a
cscli: new tables, --color yes|no|auto option (#1763) 2022-10-07 11:05:35 +02:00
Manuel Sabban
b2130b1593
Fix 1737 (#1738)
* add GetMeta to *types.Event

Co-authored-by: sabban <15465465+sabban@users.noreply.github.com>
2022-09-07 10:11:39 +02:00
mmetc
414282a2c9
golangci-lint 1.49 and related fixes (#1736) 2022-09-06 13:55:03 +02:00
mmetc
eea07b7a1a
golangci-lint v1.48 and fixes for "usestdlibvars" (#1711) 2022-08-16 09:46:10 +02:00
Thibault "bui" Koechlin
866c200c31
Generic dateparse approach (#1669)
* Allow any parser to suggest a format string for the date to be parsed.

* allow the enricher functions to get the parser's logger so they can inherit the level
2022-07-28 16:41:41 +02:00
mmetc
628d7be1d8
simplify err.Error() to err when used in printf context (#1603) 2022-06-22 15:53:53 +02:00
he2ss
3d6f015211
Add duration expr to add duration formula (#1556)
* add duration expr to add duration formula
2022-06-22 11:29:52 +02:00
mmetc
c78c833400
CI: colored test output, colored crowdsec and crowdsec-api logs, full final db dump for mysql and sqlite (#1596)
* github-ci: color unit test output and logs
* new config option: force_color_logs (useful in CI)
* bats: show sqlite/mysql dump at the end
* removed "-v" (print package names) from "go build"
* general workflow cleanup
2022-06-17 16:12:49 +02:00
mmetc
10585bfecc
enabled linters and fixes for: misspell, predeclared, unconvert, ineffassign, gosimple, govet (#1595) 2022-06-16 14:41:54 +02:00
Thibault "bui" Koechlin
1c0fe09576
Add support for certificate authentication for agents and bouncers (#1428) 2022-06-08 16:05:52 +02:00
mmetc
131ed1b0a7
error reporting (#1501)
* unified error reporting, removed redundancy, tests
2022-05-19 10:48:08 +02:00
blotus
0449ec1868
Windows Support (#1159) 2022-05-17 12:14:59 +02:00
Thibault "bui" Koechlin
e6a35e8714
Improve plugins grouping (alternative to #1424) (#1437)
* Fix races in test (#1446)

Co-authored-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: AlteredCoder <64792091+AlteredCoder@users.noreply.github.com>
2022-04-19 19:12:23 +02:00
mmetc
4b9a0c4ef7
typos (#1453) 2022-04-19 11:25:27 +02:00
Thibault "bui" Koechlin
d8dc01cd94
Revamp unit tests (#1368)
* Revamp unit tests
* Increase coverage
* Use go-acc to get cross packages coverage

Signed-off-by: Shivam Sandbhor <shivam.sandbhor@gmail.com>
2022-03-29 14:20:26 +02:00
blotus
fb74b2fda7
Improve LAPI performance when under high load (#1273) 2022-02-17 17:52:04 +01:00
mmetc
ad28a979e9
local control flow cleanup (#1215)
removed redundant/unreachable returns, else branches, type declarations, unused variables
2022-02-01 22:08:06 +01:00
Thibault "bui" Koechlin
cc1ab8c50d
switch to utc time everywhere (#1167)
* switch to utc time everywhere


Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-19 14:56:05 +01:00
Thibault "bui" Koechlin
a88848009a
fix default perms for log file (#1177)
* fix default perms
2022-01-18 16:54:02 +01:00
Thibault "bui" Koechlin
6e92da76ad
lapi to capi : allow push of tainted/custom/manual decisions (#1154)
* add console command to control signal sharing
* modify metrics endpoint to add lastpush

Co-authored-by: alteredCoder <kevin@crowdsec.net>
2022-01-13 16:46:16 +01:00
blotus
3105897f37
Allow to configure log rotation (#1130) 2021-12-28 11:59:03 +01:00
Thibault "bui" Koechlin
af4bb350c0
hubtests revamp + cscli explain (#988)
* New hubtest CI for scenarios/parsers from the hub
 * New `cscli explain` command to visualize parsers/scenarios pipeline

Co-authored-by: alteredCoder <kevin@crowdsec.net>
Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
Co-authored-by: he2ss <hamza.essahely@gmail.com>
Co-authored-by: Cristian Nitescu <cristian@crowdsec.net>
2021-10-04 17:14:52 +02:00
blotus
7a1b955ad1
use our fork of grokky (#953) 2021-09-09 14:46:16 +02:00
Thibault "bui" Koechlin
c188d401a3
Improve CAPI pull management (#871)
* prepare for new consensus : thousands of ips

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2021-08-25 11:45:29 +02:00
Thibault "bui" Koechlin
950759f6d6
Output plugins (#878)
* Add plugin system for notifications (#857)
2021-08-25 11:43:29 +02:00
Thibault "bui" Koechlin
7f0cac8ee6
add support for 'expression' (fix #822) in grok patterns (#830)
* add support for 'expression' (fix #822) in grok patterns

* add tests
2021-06-21 09:07:33 +02:00
Thibault "bui" Koechlin
ce6a61df1c
Refactor Acquisition Interface (#773)
* Add new acquisition interface + new modules (cloudwatch, syslog)

Co-authored-by: Sebastien Blot <sebastien@crowdsec.net>
2021-06-11 09:53:53 +02:00
Shivam Sandbhor
f25d02a7c8
Allow bouncers to filter decisions by scope (#817)
Signed-off-by: Shivam Sandbhor <shivam@crowdsec.net>
2021-05-31 15:07:09 +02:00
Thibault "bui" Koechlin
4bb34d8e77
fix #723 : intercept http2 stream closed errors (#724)
* fix #723 : intercept http2 stream closed errors

* factorize the 'dump stacktrace' code
2021-04-07 14:31:03 +02:00
AlteredCoder
8b504e9f67
improve logging in cscli and wizard (#643) 2021-02-25 11:20:36 +01:00
AlteredCoder
5544000d38
lapi: fix ipv6 operations (#567) 2021-01-14 16:27:45 +01:00
Thibault "bui" Koechlin
ad4521f2cc
gin: broken pipe (#538)
* broken pipe

* don't fail if release isn't here
2020-12-14 17:48:32 +01:00
Thibault "bui" Koechlin
2e76097d35
Fix overflows of overflows requesting for different decision scope (#499) 2020-12-02 17:15:48 +01:00
Thibault "bui" Koechlin
dbb420f79e
local api (#482)
Co-authored-by: AlteredCoder
Co-authored-by: erenJag
2020-11-30 10:37:17 +01:00
AlteredCoder
d8f0f5a3a9
Add debug expr (#168)
* debug expr in node.go
* update documentation

Co-authored-by: AlteredCoder <AlteredCoder>
Co-authored-by: Thibault bui Koechlin <thibault@crowdsec.net>
2020-08-03 12:21:15 +02:00
Thibault "bui" Koechlin
177480cff7
updated mysql plugin support (#135)
* add support for plugin, support mysql & so on

* fix queries

Co-authored-by: erenJag <erenJag>
Co-authored-by: AlteredCoder <AlteredCoder>
2020-07-16 16:05:03 +02:00
Thibault "bui" Koechlin
7fe6741df3
Simulation support (#136)
* support simulation mode
2020-07-16 15:59:09 +02:00
AlteredCoder
eef1847873
add whitelisted flag in signal occurence (#114) 2020-07-02 11:44:27 +02:00
Thibault "bui" Koechlin
5446857377
Add crowdsec reload + cscli metrics minor improvements (#79) 2020-06-19 13:57:44 +02:00