Marco Mariani
b21fa99902
cscli lapi: log.Fatal -> fmt.Errorf; lint
2023-12-07 09:45:14 +01:00
Marco Mariani
18b53128a5
add hub type "context"
2023-12-07 09:44:54 +01:00
mmetc
8fa84e5cd9
cscli: generic hubappsec ( #2642 )
2023-12-06 15:42:14 +01:00
Sebastien Blot
493880824b
add matched zones in context for appsec alerts
2023-12-06 13:24:03 +01:00
mmetc
fe78511b48
cscli: simplify generic item commands ( #2641 )
2023-12-06 12:09:27 +01:00
Sebastien Blot
0c61726971
propagate request_id/runner_id in more places for logging
2023-12-06 11:21:54 +01:00
bui
c9e4aebd00
up
2023-12-06 10:54:28 +01:00
bui
dce1f3cd8c
lower debug here, fix logging there
2023-12-06 10:48:03 +01:00
Sebastien Blot
00d899ee8e
rename struct in UnmarshalConfig
2023-12-06 10:35:04 +01:00
Sebastien Blot
25635a306f
propagate labels from acquis to appsec events
2023-12-06 10:27:29 +01:00
Sebastien Blot
5503b2374a
up
2023-12-05 17:32:03 +01:00
Sebastien Blot
169e39a4a9
fix log level propagation + log requests to the appsec engine
2023-12-05 17:22:59 +01:00
mmetc
f7c5726a0a
minor reverts and tweaks ( #2639 )
2023-12-05 17:06:25 +01:00
Sebastien Blot
0c030a3bb5
use fmt.Printf to make it more readable
2023-12-05 16:49:34 +01:00
Sebastien Blot
9b79a37eff
display crowdsec logs when nuclei tests fail
2023-12-05 16:23:14 +01:00
Marco Mariani
63f230b24b
remove hub-1.5.6 reference from github workflows
2023-12-05 14:55:44 +01:00
Sebastien Blot
17384368ae
merge master
2023-12-05 14:01:28 +01:00
Sebastien Blot
bd2c59b054
fix some tests
2023-12-05 13:55:49 +01:00
mmetc
1ab4487b65
cscli hub list: show only non-empty tables with -o human
...
* agent config: remove unused LintOnly bool
* Item.IsLocal() -> Item.State.IsLocal(); split method InstallStatus()
* cscli hub list: show only non-empty tables with -o human
2023-12-05 13:38:52 +01:00
mmetc
486f96e7ac
cscli context detect: fix nil dereference ( #2635 )
...
* cscli context detect: fix nil dereference
* Remove log.warning for missing pattern
2023-12-05 12:08:35 +01:00
mmetc
8bb7da3994
docker tests: force local machine creation ( #2636 )
...
This is required from 1.5.6 to overwrite the local credentials file
2023-12-05 11:52:04 +01:00
alteredCoder
91a6263b5b
use official way of getting metrics for acquisition
2023-12-05 11:00:23 +01:00
Sebastien Blot
aa02a00fc2
remove unused var
2023-12-05 10:57:02 +01:00
mmetc
0f3ae64062
cscli config show: pretty print with package "litter" ( #2633 )
2023-12-05 10:38:21 +01:00
Sebastien Blot
cce83d1bdc
appsec renaming, part 7
2023-12-05 09:48:56 +01:00
Sebastien Blot
b86ac92b11
appsec renaming, part 6
2023-12-05 01:02:41 +01:00
Sebastien Blot
bb307dd339
return an error if not appsec-rules matches
2023-12-05 01:01:15 +01:00
Sebastien Blot
52c1e16216
more debug when loading rules
2023-12-05 01:00:59 +01:00
Sebastien Blot
1a1f4f6169
do not spam with "unknown" metrics
2023-12-05 00:15:29 +01:00
Sebastien Blot
722ce46946
remove useless check
2023-12-04 23:48:48 +01:00
mmetc
0c4093dcca
Test for acquisition errors in crowdsec -t ( #2629 )
2023-12-04 23:09:42 +01:00
mmetc
23968e472d
Refact bouncer auth ( #2456 )
...
Co-authored-by: blotus <sebastien@crowdsec.net>
2023-12-04 23:06:01 +01:00
mmetc
a5ab73d458
cscli machines add: don't overwrite existing credential file ( #2625 )
...
* cscli machines add: don't overwrite existing credential file
* keep old behavior with --force
Now --force is used both to override the replacement of and existing machine,
and an existing credentials file. To retain the old behavior, the
existence of the file is only checked for the default configuration, not
if explicitly specified.
2023-12-04 22:59:52 +01:00
Sebastien Blot
059c0adb93
appsec renaming, part 5
2023-12-04 22:49:11 +01:00
Sebastien Blot
2089ad6663
appsec renaming, part 4
2023-12-04 22:36:25 +01:00
Sebastien Blot
8046690219
appsec renaming, part 3
2023-12-04 22:07:34 +01:00
Sebastien Blot
bff93d7b01
appsec renaming, part 2
2023-12-04 21:58:29 +01:00
Sebastien Blot
c3a4066646
appsec renaming, part 1
2023-12-04 21:41:51 +01:00
Sebastien Blot
42e1da2507
merge listen_addr and listen_port, default to 127.0.0.1:7442 if not set
2023-12-04 21:18:48 +01:00
Sebastien Blot
1c22783661
no need for any in helpers as we are not using expr.Function
2023-12-04 21:16:01 +01:00
Sebastien Blot
e637e7bf8b
Revert "use expr func"
...
This reverts commit ac451ccaf3
.
2023-12-04 21:00:19 +01:00
Sebastien Blot
ac451ccaf3
use expr func
2023-12-04 21:00:09 +01:00
Laurence Jones
f8755be9cd
Fix formt on documentation ( #2577 )
...
When generating decisions import docusarus v3 now does not allow `{` without escaping this adds escaping
2023-12-04 15:52:14 +00:00
Sebastien Blot
b01901b04e
fix Remove{in,out}bandRuleBy{name,tag} for pre_eval
2023-12-04 15:13:11 +01:00
Sebastien Blot
cb030beaca
Fix Remove{in,out}bandby{name,tag}
2023-12-04 15:02:32 +01:00
Sebastien Blot
6fb965bb3f
add SetRemediationByTag/Name/ID
2023-12-04 14:01:10 +01:00
Laurence Jones
d1bfaddb69
[Plugin] Pass down ctx and use it ( #2626 )
...
* Pass down cancellable context and update http plugin
* Use context where we can
2023-12-04 12:05:26 +00:00
Laurence Jones
bfc92ca1c5
[Explain] Ignore blank lines as crowdsec will anyways ( #2630 )
...
* Ignore blank lines within file and stdin
* change cleanup to be persistent postrun so if we exit early it always cleans
* When using log flag we should add a newline so we know where EOF is
* Inverse the check for log line since we dont want to modify the line itself
* Wrap run explain with a function that returns the error after cleaning up
* Wrap run explain with a function that returns the error after cleanup
* Use a defer iif instead of global var
* Add invalid len input to err count so it more obvious what is happening
---------
Co-authored-by: Manuel Sabban <github@sabban.eu>
2023-12-04 11:48:12 +00:00
Sebastien Blot
3d3bf0bb0e
lint
2023-12-04 11:46:01 +01:00
Sebastien Blot
393a8b8ef5
linting
2023-12-04 11:31:31 +01:00