mirrors/crowdsec
1
0
Fork 0
mirror of https://github.com/crowdsecurity/crowdsec.git synced 2025-05-11 12:25:53 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
2057 commits 88 branches 214 tags 262 MiB
Commit graph

984 commits

Author SHA1 Message Date
blotus
3843213d5c
use replace for coraza instead of renaming the entire package (#3530) 2025-03-21 14:30:27 +01:00
mmetc
0459a9a880
update appsec test runner (#3518) 2025-03-18 11:45:06 +01:00
blotus
663dad048b
close appsec transactions after processing request (#3515) 2025-03-17 11:36:14 +01:00
mmetc
cab99643d1
Parallel hubtest (#3509) 
Hubtests are now much faster and have a --max-jobs option which defaults to the number of cpu cores.
 2025-03-17 11:27:09 +01:00
blotus
941b3d98b9
appsec: less verbose logging for allowlists and headers check (#3498) 2025-03-12 10:55:06 +01:00
mmetc
c4f9adb799
appsec: use CA from client credentials when connecting to LAPI (#3505) 2025-03-12 10:36:30 +01:00
blotus
50a5ef5345
deprecate capi_whitelists_path (#3504) 2025-03-12 10:12:30 +01:00
mmetc
a432a6352d
appsec: support custom CA for lapi (#3503) 
* apisever, appsec: refact listenAndServe..()

* RemoveAll() -> Remove()

* configure CA for tls auth request

* ignore error from os.Remove(socket) when there's no file

* appsec functional test

* lint
 2025-03-12 09:33:21 +01:00
Laurence Jones
9bb7ad8c3a
enhancement: Add additional ssl options to db configuration (#3387) 2025-03-11 10:56:47 +01:00
Laurence Jones
bcce4afe5e
enhance: Flags now superceed all log levels (#3496) 
* enhance: Flags now superceed all log levels

* enhance: remove global var for local scope

* test

---------

Co-authored-by: marco <marco@crowdsec.net>
 2025-03-07 13:42:08 +00:00
mmetc
12a3c70860
lint: gocritic/httpNoBody (#3493) 
* lint: gocritic/httpNoBody
 2025-03-07 14:35:25 +01:00
blotus
a203d8ebbf
appsec: handle SendAlert() properly for out of band matches (#3497) 2025-03-05 16:04:16 +01:00
Thibault "bui" Koechlin
f49e1e28d2
move ParseQuery to expr helpers, add ExtractQueryParam (#3491) 
* move ParseQuery to expr helpers, add ExtractQueryParam
 2025-03-04 10:41:11 +01:00
Laurence Jones
970954f2c0
enhance: add option to disable magic syslog RFC parsers (#3435) 2025-02-28 15:20:17 +01:00
blotus
c5f5896625
crowdsec: allow -t to work if using appsec and allowlists (#3484) 2025-02-27 14:26:38 +01:00
mmetc
c161eb270b
pkg/cwhub: refact Item.State.(Downloaded | Installed) (#3476) 2025-02-25 10:09:29 +01:00
blotus
ce5b4b435b
add JA4H expr helper (#3401) 2025-02-24 15:20:33 +01:00
mmetc
a3187d6f2c
refact: context propagation (apiclient, cticlient...) (#3477) 2025-02-21 13:23:39 +01:00
mmetc
105801d1f9
cscli: allow non-local symlinks to have a different name than hub items (#3475) 2025-02-21 12:44:30 +01:00
mmetc
2b70dbf3e5
cscli hub/items: always show action plan; fix --interactive in pipes (#3451) 2025-02-21 00:17:01 +01:00
mmetc
45624c6fe5
tests: switch context.Background() -> t.Context() from go 1.24 (#3473) 2025-02-21 00:09:11 +01:00
blotus
16d0677938
Add support for centralized allowlists (#3355) 2025-02-19 15:04:47 +01:00
mmetc
8a10e2c61d
refact: avoid use of defer calls in loops (#3466) 
* refact apic.Send()
* refact Papi.SendDeletedDecisions()
* refact MetricsProvider.Run()
* refact PluginBroker.pushNotificationsToPlugin()
* refact leakybucket.LoadBuckets()
 2025-02-19 14:50:38 +01:00
mmetc
c4ff4228be
use go 1.24, enable unencrypted http2 (#3470) 2025-02-19 14:05:17 +01:00
mmetc
efbb42bf9e
deps: use ent 0.14.2 (#3259) 2025-02-18 17:08:58 +01:00
mmetc
7c1d038645
leaky bucket: reduce log verbosity (#3472) 2025-02-18 15:52:51 +01:00
mmetc
5136d928ed
lint: gocritic/typeDefFirst (ensure type definitions come before methods) (#3404) 
* lint: gocritic/typeDefFirst (ensure type definitions come before methods)

* lint
 2025-02-17 10:55:18 +01:00
mmetc
a73bed902b
file acquisition: remove redundant logging info (#3468) 
* file acquisition: remove redundant logging info

* lint
 2025-02-17 10:32:15 +01:00
mmetc
c5e0003b59
silence "cscli hub update" if noop in cron jobs (#3460) 2025-02-10 11:24:59 +01:00
mmetc
9f2d642512
cscli: don't attempt to download data files when url="" (#3454) 2025-02-08 23:47:57 +01:00
mmetc
a001e1d760
cscli: replace '--yes' option with '--interactive' (#3448) 2025-02-06 11:43:29 +01:00
mmetc
bf0a1cc470
cscli: when prompting, use default in case of EOF instead of going for "no" (#3447) 2025-02-05 16:51:34 +01:00
mmetc
dc28ae58dc
run 'hub upgrade' in rpm/deb postinst, improve hub message (#3440) 2025-02-04 16:51:02 +01:00
blotus
763959fb68
ignore zero value variables for context (#3436) 2025-01-31 10:12:19 +01:00
mmetc
6827f065fa
bucket: avoid crashing on malformed expression (fix #3351) (#3368) 2025-01-30 19:19:57 +01:00
Gilbert Gilb's
5260cf16cc
fix parsing of noncompliant RFC3339 timestamps missing only a timezone (#3346) 2025-01-30 17:14:06 +01:00
Zakhar Bessarab
172d6c6dc6
acquisition/victorialogs: add new datasource (#3310) 
* acquisition/victorialogs: add new datasource

Data source supports:
- cat mode with automatic adjustment of poll interval (same as one at Loki datasource)
- tail mode by using tailing API
 2025-01-29 16:59:03 +01:00
blotus
b2bcf31ed7
use the actual bucket name when checking for simulation mode (#3416) 2025-01-27 11:45:39 +00:00
Thibault "bui" Koechlin
fdd37370b3
appsec: do not attempt to deduplicate native modsec rules (#3347) 
* fix #3343

* fix #3350

* fix #3350

---------

Co-authored-by: blotus <sebastien@crowdsec.net>
Co-authored-by: Laurence Jones <laurence.jones@live.co.uk>
 2025-01-27 10:11:50 +01:00
srkoster
62308f535c
Removed last_heartbeat update in MachineUpdateBaseMetrics (#3425) 2025-01-23 18:50:31 +01:00
mmetc
4935dc536e
cscli hub: handle freebsd pre-release version numbers (#3423) 2025-01-23 09:29:29 +01:00
mmetc
013fd8b198
remove dependency from github.com/gofrs/uuid (#3406) 2025-01-20 15:01:34 +01:00
AlteredCoder
d6b3841f13
pkg/cticlient: Add missing field in SmokeItem and FireItem (#3413) 
* pkg/cticlient: Add missing field in SmokeItem and FireItem
 2025-01-20 11:21:25 +01:00
mmetc
bd7e1b50c3
cscli: cliconfig - remove global variables and gratuitous pointer (#3414) 2025-01-20 10:30:36 +01:00
Laurence Jones
7d12b806cd
enhance: Log appsec error on writing response to remediation (#3412) 
* enhance: Log appsec error on writing response to remediation

* fix: note to self dont write code at midnight
 2025-01-18 13:13:46 +01:00
mmetc
49fb24c3b1
lint: enable errcheck; add allowlist and explicit checks (#3403) 
* lint: enable errcheck with explicit allow list
* add explicit error checks
* windows tests
* windows nolint
 2025-01-16 16:13:10 +01:00
mmetc
fe931af5ca
lint: gocritic/captLocal (don't capitalize local variables) (#3402) 
* lint: gocritic/captLocal (don't capitalize local variables)

* lint (whitespace)
 2025-01-16 14:03:53 +01:00
mmetc
6529215775
CI: golangci-lint 1.63 (#3396) 2025-01-16 13:22:08 +01:00
mmetc
9ef5f58f88
test pkg/exprhelpers: explicit message if the tag "expr_debug" is missing (#3400) 
* test pkg/exprhelpers: explicit message if the tag "expr_debug" is missing

* typo

* lint: use build tag expr_debug while linting

* lint
 2025-01-15 12:13:54 +01:00
mmetc
5df56844d9
log warning if local items have conflicting names (#3399) 2025-01-13 13:28:48 +01:00