From 448a2270791b7ad7f4584001d9857f632985620c Mon Sep 17 00:00:00 2001 From: ThinkChaos Date: Wed, 25 Aug 2021 12:30:05 -0400 Subject: [PATCH] Minor changes to specific logs (#900) - Minor changes to specific logs - Fix LAPI to not push signals to CAPI when disabled #907 --- cmd/crowdsec-cli/capi.go | 6 +++--- cmd/crowdsec-cli/console.go | 6 +++--- cmd/crowdsec-cli/lapi.go | 2 +- config/config.yaml | 2 +- config/dev.yaml | 2 +- config/user.yaml | 2 +- docker/config.yaml | 2 +- pkg/apiserver/controllers/v1/alerts.go | 14 +++++++++----- pkg/csconfig/api.go | 2 +- pkg/parser/unix_parser.go | 10 ++++++---- scripts/func_tests/config/config.yaml | 2 +- scripts/func_tests/config/config_no_agent.yaml | 2 +- 12 files changed, 29 insertions(+), 23 deletions(-) diff --git a/cmd/crowdsec-cli/capi.go b/cmd/crowdsec-cli/capi.go index 509c085fb..47de7ebd6 100644 --- a/cmd/crowdsec-cli/capi.go +++ b/cmd/crowdsec-cli/capi.go @@ -32,7 +32,7 @@ func NewCapiCmd() *cobra.Command { log.Fatal("Local API is disabled, please run this command on the local API machine") } if csConfig.API.Server.OnlineClient == nil { - log.Fatalf("no configuration for crowdsec API in '%s'", *csConfig.FilePath) + log.Fatalf("no configuration for Central API in '%s'", *csConfig.FilePath) } return nil @@ -112,11 +112,11 @@ func NewCapiCmd() *cobra.Command { log.Fatalln("There is no configuration on 'api_client:'") } if csConfig.API.Server.OnlineClient == nil { - log.Fatalf("Please provide credentials for the API in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath) + log.Fatalf("Please provide credentials for the Central API (CAPI) in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath) } if csConfig.API.Server.OnlineClient.Credentials == nil { - log.Fatalf("no credentials for crowdsec API in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath) + log.Fatalf("no credentials for Central API (CAPI) in '%s'", csConfig.API.Server.OnlineClient.CredentialsFilePath) } password := strfmt.Password(csConfig.API.Server.OnlineClient.Credentials.Password) diff --git a/cmd/crowdsec-cli/console.go b/cmd/crowdsec-cli/console.go index db14a420b..63fe9e2a6 100644 --- a/cmd/crowdsec-cli/console.go +++ b/cmd/crowdsec-cli/console.go @@ -23,7 +23,7 @@ func NewConsoleCmd() *cobra.Command { log.Fatal("Local API is disabled, please run this command on the local API machine") } if csConfig.API.Server.OnlineClient == nil { - log.Fatalf("no configuration for crowdsec API in '%s'", *csConfig.FilePath) + log.Fatalf("no configuration for Central API (CAPI) in '%s'", *csConfig.FilePath) } return nil @@ -45,10 +45,10 @@ After running this command your will need to validate the enrollment in the weba log.Fatal("Local API is disabled, please run this command on the local API machine") } if csConfig.API.Server.OnlineClient == nil { - log.Fatalf("no configuration for crowdsec API in '%s'", *csConfig.FilePath) + log.Fatalf("no configuration for Central API (CAPI) in '%s'", *csConfig.FilePath) } if csConfig.API.Server.OnlineClient.Credentials == nil { - log.Fatal("You must configure CAPI with `cscli capi register` before enrolling your instance") + log.Fatal("You must configure Central API (CAPI) with `cscli capi register` before enrolling your instance") } return nil }, diff --git a/cmd/crowdsec-cli/lapi.go b/cmd/crowdsec-cli/lapi.go index 9e399191a..6fb749af5 100644 --- a/cmd/crowdsec-cli/lapi.go +++ b/cmd/crowdsec-cli/lapi.go @@ -35,7 +35,7 @@ func NewLapiCmd() *cobra.Command { log.Fatalln("There is no API->client configuration") } if csConfig.API.Client.Credentials == nil { - log.Fatalf("no configuration for crowdsec API in '%s'", *csConfig.FilePath) + log.Fatalf("no configuration for Local API (LAPI) in '%s'", *csConfig.FilePath) } return nil }, diff --git a/config/config.yaml b/config/config.yaml index 57b3dd8e6..9c793ded2 100644 --- a/config/config.yaml +++ b/config/config.yaml @@ -38,7 +38,7 @@ api: log_level: info listen_uri: 127.0.0.1:8080 profiles_path: /etc/crowdsec/profiles.yaml - online_client: # Crowdsec API credentials (to push signals and receive bad IPs) + online_client: # Central API credentials (to push signals and receive bad IPs) credentials_path: /etc/crowdsec/online_api_credentials.yaml # tls: # cert_file: /etc/crowdsec/ssl/cert.pem diff --git a/config/dev.yaml b/config/dev.yaml index f8573fb6c..53e55520c 100644 --- a/config/dev.yaml +++ b/config/dev.yaml @@ -36,7 +36,7 @@ api: tls: #cert_file: ./cert.pem #key_file: ./key.pem - online_client: # Crowdsec API + online_client: # Central API credentials_path: ./config/online_api_credentials.yaml prometheus: enabled: true diff --git a/config/user.yaml b/config/user.yaml index 362d517b1..f3ab2147d 100644 --- a/config/user.yaml +++ b/config/user.yaml @@ -33,7 +33,7 @@ api: #log_level: info listen_uri: 127.0.0.1:8080 profiles_path: /etc/crowdsec/profiles.yaml - online_client: # Crowdsec API + online_client: # Central API credentials_path: /etc/crowdsec/online_api_credentials.yaml prometheus: enabled: true diff --git a/docker/config.yaml b/docker/config.yaml index 6c39256f2..8f62cd1f1 100644 --- a/docker/config.yaml +++ b/docker/config.yaml @@ -37,7 +37,7 @@ api: log_level: info listen_uri: 0.0.0.0:8080 profiles_path: /etc/crowdsec/profiles.yaml - online_client: # Crowdsec API credentials (to push signals and receive bad IPs) + online_client: # Central API credentials (to push signals and receive bad IPs) #credentials_path: /etc/crowdsec/online_api_credentials.yaml # tls: # cert_file: /etc/crowdsec/ssl/cert.pem diff --git a/pkg/apiserver/controllers/v1/alerts.go b/pkg/apiserver/controllers/v1/alerts.go index 80228672e..8f129ac09 100644 --- a/pkg/apiserver/controllers/v1/alerts.go +++ b/pkg/apiserver/controllers/v1/alerts.go @@ -166,12 +166,16 @@ func (c *Controller) CreateAlert(gctx *gin.Context) { for _, alert := range input { alert.MachineID = machineID } - select { - case c.CAPIChan <- input: - log.Debugf("alert sent to CAPI channel") - default: - log.Warningf("Cannot send alert to Central API channel") + + if c.CAPIChan != nil { + select { + case c.CAPIChan <- input: + log.Debug("alert sent to CAPI channel") + default: + log.Warning("Cannot send alert to Central API channel") + } } + gctx.JSON(http.StatusCreated, alerts) return } diff --git a/pkg/csconfig/api.go b/pkg/csconfig/api.go index b83d8275d..7862cd7a4 100644 --- a/pkg/csconfig/api.go +++ b/pkg/csconfig/api.go @@ -111,7 +111,7 @@ func (c *Config) LoadAPIServer() error { } } if c.API.Server.OnlineClient == nil || c.API.Server.OnlineClient.Credentials == nil { - log.Printf("push and pull to crowdsec API disabled") + log.Printf("push and pull to Central API disabled") } if err := c.LoadDBConfig(); err != nil { return err diff --git a/pkg/parser/unix_parser.go b/pkg/parser/unix_parser.go index 588227df4..d0d076ffa 100644 --- a/pkg/parser/unix_parser.go +++ b/pkg/parser/unix_parser.go @@ -3,6 +3,7 @@ package parser import ( "fmt" "io/ioutil" + "path" "github.com/crowdsecurity/crowdsec/pkg/csconfig" @@ -36,7 +37,7 @@ func Init(c map[string]interface{}) (*UnixParserCtx, error) { } r.DataFolder = c["data"].(string) for _, f := range files { - if err := r.Grok.AddFromFile(c["patterns"].(string) + f.Name()); err != nil { + if err := r.Grok.AddFromFile(path.Join(c["patterns"].(string), f.Name())); err != nil { log.Errorf("failed to load pattern %s : %v", f.Name(), err) return nil, err } @@ -48,14 +49,15 @@ func Init(c map[string]interface{}) (*UnixParserCtx, error) { func LoadParsers(cConfig *csconfig.Config, parsers *Parsers) (*Parsers, error) { var err error - log.Infof("Loading grok library %s", cConfig.Crowdsec.ConfigDir+string("/patterns/")) + patternsDir := path.Join(cConfig.Crowdsec.ConfigDir, "patterns/") + log.Infof("Loading grok library %s", patternsDir) /* load base regexps for two grok parsers */ - parsers.Ctx, err = Init(map[string]interface{}{"patterns": cConfig.Crowdsec.ConfigDir + string("/patterns/"), + parsers.Ctx, err = Init(map[string]interface{}{"patterns": patternsDir, "data": cConfig.Crowdsec.DataDir}) if err != nil { return parsers, fmt.Errorf("failed to load parser patterns : %v", err) } - parsers.Povfwctx, err = Init(map[string]interface{}{"patterns": cConfig.Crowdsec.ConfigDir + string("/patterns/"), + parsers.Povfwctx, err = Init(map[string]interface{}{"patterns": patternsDir, "data": cConfig.Crowdsec.DataDir}) if err != nil { return parsers, fmt.Errorf("failed to load postovflw parser patterns : %v", err) diff --git a/scripts/func_tests/config/config.yaml b/scripts/func_tests/config/config.yaml index 19e18c18a..db955b1ae 100644 --- a/scripts/func_tests/config/config.yaml +++ b/scripts/func_tests/config/config.yaml @@ -31,7 +31,7 @@ api: log_level: info listen_uri: 127.0.0.1:8080 profiles_path: /etc/crowdsec/profiles.yaml - online_client: # Crowdsec API credentials (to push signals and receive bad IPs) + online_client: # Central API credentials (to push signals and receive bad IPs) credentials_path: /etc/crowdsec/online_api_credentials.yaml # tls: # cert_file: /etc/crowdsec/ssl/cert.pem diff --git a/scripts/func_tests/config/config_no_agent.yaml b/scripts/func_tests/config/config_no_agent.yaml index 04a8d4450..634d459da 100644 --- a/scripts/func_tests/config/config_no_agent.yaml +++ b/scripts/func_tests/config/config_no_agent.yaml @@ -29,7 +29,7 @@ api: log_level: info listen_uri: 127.0.0.1:8080 profiles_path: /etc/crowdsec/profiles.yaml - online_client: # Crowdsec API credentials (to push signals and receive bad IPs) + online_client: # Central API credentials (to push signals and receive bad IPs) credentials_path: /etc/crowdsec/online_api_credentials.yaml # tls: # cert_file: /etc/crowdsec/ssl/cert.pem