local api (#482)

Co-authored-by: AlteredCoder Co-authored-by: erenJag
2025-05-11 04:15:54 +02:00 · 2020-11-30 10:37:17 +01:00 · 2020-11-30 10:37:17 +01:00 · dbb420f79e
commit dbb420f79e
parent 5f339ab312
563 changed files with 64363 additions and 10714 deletions
--- a/pkg/parser/unix_parser.go
+++ b/pkg/parser/unix_parser.go
@ -2,15 +2,14 @@ package parser

 import (
 	"io/ioutil"
+	"fmt"
+
+	"github.com/crowdsecurity/crowdsec/pkg/csconfig"

-	"github.com/crowdsecurity/crowdsec/pkg/types"
 	"github.com/logrusorgru/grokky"
-	"github.com/prometheus/common/log"
+	log "github.com/sirupsen/logrus"
 )

-type UnixParser struct {
-}
-
 type UnixParserCtx struct {
 	Grok       grokky.Host
 	Stages     []string
@ -18,11 +17,17 @@ type UnixParserCtx struct {
 	DataFolder string
 }

-func (u UnixParser) IsParsable(ctx interface{}, l types.Line) (bool, error) {
-	return true, nil
+type Parsers struct {
+	Ctx             *UnixParserCtx
+	Povfwctx        *UnixParserCtx
+	StageFiles      []Stagefile
+	PovfwStageFiles []Stagefile
+	Nodes           []Node
+	Povfwnodes      []Node
+	EnricherCtx     []EnricherCtx
 }

-func (u UnixParser) Init(c map[string]interface{}) (*UnixParserCtx, error) {
+func Init(c map[string]interface{}) (*UnixParserCtx, error) {
 	r := UnixParserCtx{}
 	r.Grok = grokky.NewBase()
 	files, err := ioutil.ReadDir(c["patterns"].(string))
@ -31,11 +36,64 @@ func (u UnixParser) Init(c map[string]interface{}) (*UnixParserCtx, error) {
 	}
 	r.DataFolder = c["data"].(string)
 	for _, f := range files {
-		log.Debugf("Loading %s", f.Name())
 		if err := r.Grok.AddFromFile(c["patterns"].(string) + f.Name()); err != nil {
 			log.Errorf("failed to load pattern %s : %v", f.Name(), err)
 			return nil, err
 		}
 	}
+	log.Debugf("Loaded %d pattern files", len(files))
 	return &r, nil
 }
+
+
+func LoadParsers(cConfig *csconfig.GlobalConfig, parsers *Parsers) (*Parsers, error) {
+	var err error
+
+	log.Infof("Loading grok library %s", cConfig.Crowdsec.ConfigDir+string("/patterns/"))
+	/* load base regexps for two grok parsers */
+	parsers.Ctx, err = Init(map[string]interface{}{"patterns": cConfig.Crowdsec.ConfigDir + string("/patterns/"),
+		"data": cConfig.Crowdsec.DataDir})
+	if err != nil {
+		return parsers, fmt.Errorf("failed to load parser patterns : %v", err)
+	}
+	parsers.Povfwctx, err = Init(map[string]interface{}{"patterns": cConfig.Crowdsec.ConfigDir + string("/patterns/"),
+		"data": cConfig.Crowdsec.DataDir})
+	if err != nil {
+		return parsers, fmt.Errorf("failed to load postovflw parser patterns : %v", err)
+	}
+
+	/*
+		Load enrichers
+	*/
+	log.Infof("Loading enrich plugins")
+
+	parsers.EnricherCtx, err = Loadplugin(cConfig.Crowdsec.DataDir)
+	if err != nil {
+		return parsers, fmt.Errorf("Failed to load enrich plugin : %v", err)
+	}
+
+	/*
+	 Load the actual parsers
+	*/
+
+	log.Infof("Loading parsers %d stages", len(parsers.StageFiles))
+
+	parsers.Nodes, err = LoadStages(parsers.StageFiles, parsers.Ctx, parsers.EnricherCtx)
+	if err != nil {
+		return parsers, fmt.Errorf("failed to load parser config : %v", err)
+	}
+
+	log.Infof("Loading postoverflow Parsers")
+	parsers.Povfwnodes, err = LoadStages(parsers.PovfwStageFiles, parsers.Povfwctx, parsers.EnricherCtx)
+
+	if err != nil {
+		return parsers, fmt.Errorf("failed to load postoverflow config : %v", err)
+	}
+
+	if cConfig.Prometheus != nil && cConfig.Prometheus.Enabled {
+		parsers.Ctx.Profiling = true
+		parsers.Povfwctx.Profiling = true
+	}
+
+	return parsers, nil
+}