csconfig

package
v1.5.0-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

Published: Mar 6, 2023 License: MIT Imports: 20 Imported by: 1

Documentation

Index

Constants

// Option-name string constants.
// NOTE(review): presumably these name the console options that correspond to
// the ConsoleConfig fields (share_custom, share_tainted,
// share_manual_decisions, console_management, share_context); confirm
// against the callers, since the values here differ from those YAML keys.
const (
	CONSOLE_MANAGEMENT     = "console_management"
	SEND_CONTEXT           = "context"
	SEND_CUSTOM_SCENARIOS  = "custom"
	SEND_MANUAL_SCENARIOS  = "manual"
	SEND_TAINTED_SCENARIOS = "tainted"
)

Variables

// DEFAULT_MAX_OPEN_CONNS is a package-level default of 100.
// NOTE(review): presumably the fallback used when DatabaseCfg.MaxOpenConns
// is nil; it is a mutable var, not a const, so any importer can change it.
var DEFAULT_MAX_OPEN_CONNS = 100
// DefaultConsoleConfigFilePath is the path DefaultConfigPath returns for
// "console.yaml", computed once at package initialisation.
var DefaultConsoleConfigFilePath = DefaultConfigPath("console.yaml")

Functions

func DefaultConfigPath added in v1.3.1

func DefaultConfigPath(elem ...string) string

DefaultConfigPath returns the default path for a configuration resource. "elem" parameters are path components relative to the default cfg directory.

func DefaultDataPath added in v1.3.1

func DefaultDataPath(elem ...string) string

DefaultDataPath returns the default path for a data resource. "elem" parameters are path components relative to the default data directory.

func ListFeatureFlags added in v1.5.0

func ListFeatureFlags() string

ListFeatureFlags returns a list of the enabled feature flags.

func LoadFeatureFlagsEnv added in v1.5.0

func LoadFeatureFlagsEnv(logger *log.Logger) error

LoadFeatureFlagsEnv parses the environment variables to enable feature flags.

func LoadFeatureFlagsFile added in v1.5.0

func LoadFeatureFlagsFile(cConfig *Config, logger *log.Logger) error

LoadFeatureFlagsFile parses {ConfigDir}/feature.yaml to enable feature flags.

Types

type APICfg added in v1.0.0

// APICfg groups the API-related configuration sections, keyed in YAML as
// "client" (LocalApiClientCfg), "server" (LocalApiServerCfg) and "cti"
// (CTICfg). All three are pointers and may be nil when a section is absent.
type APICfg struct {
	Client *LocalApiClientCfg `yaml:"client"`
	Server *LocalApiServerCfg `yaml:"server"`
	CTI    *CTICfg            `yaml:"cti"`
}

type ApiCredentialsCfg added in v1.0.0

// ApiCredentialsCfg holds the endpoint URLs, the login/password pair and the
// CA / client certificate / key paths used to authenticate to an API.
//
// Password carries json:"-", so it is left out of JSON encodings of this
// struct, but it is still read from and written to YAML under "password".
// NOTE(review): the YAML credentials file and the file behind KeyPath
// therefore hold secrets in clear text; presumably they should be readable
// only by the service account — confirm the permissions used where these
// files are written.
type ApiCredentialsCfg struct {
	PapiURL    string `yaml:"papi_url,omitempty" json:"papi_url,omitempty"`
	URL        string `yaml:"url,omitempty" json:"url,omitempty"`
	Login      string `yaml:"login,omitempty" json:"login,omitempty"`
	Password   string `yaml:"password,omitempty" json:"-"`
	CACertPath string `yaml:"ca_cert_path,omitempty"`
	KeyPath    string `yaml:"key_path,omitempty"`
	CertPath   string `yaml:"cert_path,omitempty"`
}

type AuthGCCfg added in v1.4.0

// AuthGCCfg carries one string setting and one duration per authentication
// type: certificate ("cert"), API key ("api_key") and login/password
// ("login_password"). FlushDBCfg references it for the
// "bouncers_autodelete" and "agents_autodelete" keys.
//
// The *Duration fields carry no yaml tag.
// NOTE(review): presumably each duration is parsed from the matching string
// field at load time, and a nil value disables auto-deletion for that
// authentication type — confirm in the loader.
type AuthGCCfg struct {
	Cert                  *string `yaml:"cert,omitempty"`
	CertDuration          *time.Duration
	Api                   *string `yaml:"api_key,omitempty"`
	ApiDuration           *time.Duration
	LoginPassword         *string `yaml:"login_password,omitempty"`
	LoginPasswordDuration *time.Duration
}

type CTICfg added in v1.5.0

// CTICfg is the "cti" section of the API configuration: a key, cache timeout
// and size, an enabled switch and a log level. Every field is a pointer, so
// an absent YAML key can be told apart from an explicit zero value.
//
// NOTE(review): Key is presumably the CTI API key, i.e. a secret stored in
// clear text in the configuration file — confirm, and keep it out of logs
// and of any configuration dump.
type CTICfg struct {
	Key          *string        `yaml:"key,omitempty"`
	CacheTimeout *time.Duration `yaml:"cache_timeout,omitempty"`
	CacheSize    *int           `yaml:"cache_size,omitempty"`
	Enabled      *bool          `yaml:"enabled,omitempty"`
	LogLevel     *log.Level     `yaml:"log_level,omitempty"`
}

func (*CTICfg) Load added in v1.5.0

func (a *CTICfg) Load() error

type CommonCfg added in v1.0.0

// CommonCfg holds process-wide settings: daemonisation, working and pid
// directories, and logging (medium, directory, level, rotation limits and
// colour). Daemonize has no yaml tag.
//
// NOTE(review): units of LogMaxSize and LogMaxAge are not visible here —
// confirm against the log rotation code.
type CommonCfg struct {
	Daemonize      bool
	PidDir         string     `yaml:"pid_dir,omitempty"` // TODO: This is just for backward compat. Remove this later
	LogMedia       string     `yaml:"log_media"`
	LogDir         string     `yaml:"log_dir,omitempty"` // used if LogMedia = file
	LogLevel       *log.Level `yaml:"log_level"`
	WorkingDir     string     `yaml:"working_dir,omitempty"` // e.g. /var/run
	CompressLogs   *bool      `yaml:"compress_logs,omitempty"`
	LogMaxSize     int        `yaml:"log_max_size,omitempty"`
	LogMaxAge      int        `yaml:"log_max_age,omitempty"`
	LogMaxFiles    int        `yaml:"log_max_files,omitempty"`
	ForceColorLogs bool       `yaml:"force_color_logs,omitempty"`
}

daemonization/service related stuff

type Config added in v1.0.10

// Config is the root configuration object. Each tagged pointer field maps to
// one top-level YAML section (common, prometheus, crowdsec_service, cscli,
// db_config, api, config_paths, plugin_config).
//
// FilePath, Self, DisableAPI, DisableAgent and Hub are tagged yaml:"-" and
// are therefore never read from or written to the YAML document.
// NOTE(review): Self presumably holds the raw bytes of the loaded file, and
// DisableAPI / DisableAgent are presumably set from NewConfig's arguments —
// confirm. The db_config and api sections can carry passwords and keys, so
// any dump or log of this struct should be treated as sensitive.
type Config struct {
	// path of the configuration file this Config refers to
	FilePath     *string             `yaml:"-"`
	Self         []byte              `yaml:"-"`
	Common       *CommonCfg          `yaml:"common,omitempty"`
	Prometheus   *PrometheusCfg      `yaml:"prometheus,omitempty"`
	Crowdsec     *CrowdsecServiceCfg `yaml:"crowdsec_service,omitempty"`
	Cscli        *CscliCfg           `yaml:"cscli,omitempty"`
	DbConfig     *DatabaseCfg        `yaml:"db_config,omitempty"`
	API          *APICfg             `yaml:"api,omitempty"`
	ConfigPaths  *ConfigurationPaths `yaml:"config_paths,omitempty"`
	PluginConfig *PluginCfg          `yaml:"plugin_config,omitempty"`
	DisableAPI   bool                `yaml:"-"`
	DisableAgent bool                `yaml:"-"`
	Hub          *Hub                `yaml:"-"`
}

Config contains top-level defaults -> overridden by configuration file -> overridden by CLI flags

func NewConfig added in v1.0.0

func NewConfig(configFile string, disableAgent bool, disableAPI bool, quiet bool) (*Config, error)

func NewDefaultConfig added in v1.0.0

func NewDefaultConfig() *Config

func (*Config) Dump added in v1.0.10

func (c *Config) Dump() error

func (*Config) LoadAPIClient added in v1.0.10

func (c *Config) LoadAPIClient() error

func (*Config) LoadAPIServer added in v1.0.10

func (c *Config) LoadAPIServer() error

func (*Config) LoadCSCLI added in v1.0.10

func (c *Config) LoadCSCLI() error

func (*Config) LoadCommon added in v1.0.10

func (c *Config) LoadCommon() error

func (*Config) LoadConfigurationPaths added in v1.0.10

func (c *Config) LoadConfigurationPaths() error

func (*Config) LoadCrowdsec added in v1.0.10

func (c *Config) LoadCrowdsec() error

func (*Config) LoadDBConfig added in v1.0.10

func (c *Config) LoadDBConfig() error

func (*Config) LoadHub added in v1.0.10

func (c *Config) LoadHub() error

func (*Config) LoadPrometheus added in v1.0.10

func (c *Config) LoadPrometheus() error

func (*Config) LoadSimulation added in v1.0.10

func (c *Config) LoadSimulation() error

type ConfigurationPaths added in v1.0.0

// ConfigurationPaths is the "config_paths" section: the directories and
// files the other sections are resolved against (configuration, data,
// simulation file, hub index and directory, plugins, notifications).
//
// NOTE(review): PluginDir presumably contains executables started by the
// service and NotificationDir their configuration — confirm, and check that
// both are writable only by a privileged account.
type ConfigurationPaths struct {
	ConfigDir          string `yaml:"config_dir"`
	DataDir            string `yaml:"data_dir,omitempty"`
	SimulationFilePath string `yaml:"simulation_path,omitempty"`
	HubIndexFile       string `yaml:"index_path,omitempty"` // path of the .index.json
	HubDir             string `yaml:"hub_dir,omitempty"`
	PluginDir          string `yaml:"plugin_dir,omitempty"`
	NotificationDir    string `yaml:"notification_dir,omitempty"`
}

type ConsoleConfig added in v1.3.0

// ConsoleConfig holds the console toggles read from YAML: sharing of manual
// decisions, tainted scenarios, custom scenarios and context, plus console
// management. Each field is a *bool, so an absent key (nil) can be told
// apart from an explicit false.
//
// NOTE(review): the value applied when a field is nil is not visible here.
// These toggles decide what data leaves the host and whether the console may
// manage it, so confirm the defaults chosen by the loader.
type ConsoleConfig struct {
	ShareManualDecisions  *bool `yaml:"share_manual_decisions"`
	ShareTaintedScenarios *bool `yaml:"share_tainted"`
	ShareCustomScenarios  *bool `yaml:"share_custom"`
	ConsoleManagement     *bool `yaml:"console_management"`
	ShareContext          *bool `yaml:"share_context"`
}

type CrowdsecServiceCfg added in v1.0.0

// CrowdsecServiceCfg is the "crowdsec_service" section: acquisition file and
// directory, console context settings, routine counts for parsers, buckets
// and output, and bucket state files.
//
// Fields tagged yaml:"-" (AcquisitionFiles, SimulationConfig, LintOnly,
// BucketsGCEnabled and the second group starting at HubDir) are never read
// from the YAML document.
// NOTE(review): presumably they are filled in by the loader from other
// sections or from command-line flags — confirm.
type CrowdsecServiceCfg struct {
	Enable                    *bool             `yaml:"enable"`
	AcquisitionFilePath       string            `yaml:"acquisition_path,omitempty"`
	AcquisitionDirPath        string            `yaml:"acquisition_dir,omitempty"`
	ConsoleContextPath        string            `yaml:"console_context_path"`
	ConsoleContextValueLength int               `yaml:"console_context_value_length"`
	AcquisitionFiles          []string          `yaml:"-"`
	ParserRoutinesCount       int               `yaml:"parser_routines"`
	BucketsRoutinesCount      int               `yaml:"buckets_routines"`
	OutputRoutinesCount       int               `yaml:"output_routines"`
	SimulationConfig          *SimulationConfig `yaml:"-"`
	LintOnly                  bool              `yaml:"-"`                          // if set to true, exit after loading configs
	BucketStateFile           string            `yaml:"state_input_file,omitempty"` // if we need to unserialize buckets at start
	BucketStateDumpDir        string            `yaml:"state_output_dir,omitempty"` // output dir for bucket state on shutdown (original said "unserialize"; names suggest a dump — confirm)
	BucketsGCEnabled          bool              `yaml:"-"`                          // we need to garbage collect buckets when in forensic mode

	HubDir             string              `yaml:"-"`
	DataDir            string              `yaml:"-"`
	ConfigDir          string              `yaml:"-"`
	HubIndexFile       string              `yaml:"-"`
	SimulationFilePath string              `yaml:"-"`
	ContextToSend      map[string][]string `yaml:"-"`
}

CrowdsecServiceCfg contains the location of parsers/scenarios/... and acquisition files

func (*CrowdsecServiceCfg) DumpContextConfigFile added in v1.5.0

func (c *CrowdsecServiceCfg) DumpContextConfigFile() error

type CscliCfg added in v1.0.0

// CscliCfg is the "cscli" section. Only Output, Color, HubBranch and
// PrometheusUrl are read from YAML (note the key for the last one is
// "prometheus_uri"); every other field is tagged yaml:"-".
//
// NOTE(review): HubBranch presumably selects the hub branch that content is
// fetched from, so it influences which parsers and scenarios get installed —
// confirm how it is validated.
type CscliCfg struct {
	Output             string            `yaml:"output,omitempty"`
	Color              string            `yaml:"color,omitempty"`
	HubBranch          string            `yaml:"hub_branch"`
	SimulationConfig   *SimulationConfig `yaml:"-"`
	DbConfig           *DatabaseCfg      `yaml:"-"`
	HubDir             string            `yaml:"-"`
	DataDir            string            `yaml:"-"`
	ConfigDir          string            `yaml:"-"`
	HubIndexFile       string            `yaml:"-"`
	SimulationFilePath string            `yaml:"-"`
	PrometheusUrl      string            `yaml:"prometheus_uri"`
}

cscli specific config, such as hub directory

type DatabaseCfg added in v1.0.0

// DatabaseCfg is the "db_config" section: database type, location (host and
// port, or DbPath), credentials, SSL mode, flush policy, log level and
// connection tuning.
//
// Password is read from YAML in clear text and, unlike
// ApiCredentialsCfg.Password, has no json:"-" tag, so encoding/json would
// emit it under its field name if this struct were ever marshalled to JSON.
// NOTE(review): the accepted Sslmode values are not visible here; presumably
// the string is handed to the database driver — confirm, and check that an
// empty value does not silently mean an unencrypted connection to a remote
// Host.
type DatabaseCfg struct {
	User         string      `yaml:"user"`
	Password     string      `yaml:"password"`
	DbName       string      `yaml:"db_name"`
	Sslmode      string      `yaml:"sslmode"`
	Host         string      `yaml:"host"`
	Port         int         `yaml:"port"`
	DbPath       string      `yaml:"db_path"`
	Type         string      `yaml:"type"`
	Flush        *FlushDBCfg `yaml:"flush"`
	LogLevel     *log.Level  `yaml:"log_level"`
	MaxOpenConns *int        `yaml:"max_open_conns,omitempty"`
	UseWal       *bool       `yaml:"use_wal,omitempty"`
}

func (*DatabaseCfg) ConnectionDialect added in v1.5.0

func (d *DatabaseCfg) ConnectionDialect() (string, string, error)

func (*DatabaseCfg) ConnectionString added in v1.5.0

// NOTE(review): the body is not shown here. Presumably the returned string is
// assembled from the DatabaseCfg fields, Password included — confirm, and if
// so treat the return value as a secret and keep it out of logs and errors.
func (d *DatabaseCfg) ConnectionString() string

type FlushDBCfg added in v1.0.0

// FlushDBCfg is the "flush" sub-section of DatabaseCfg: an item-count limit,
// an age limit given as a string, and two AuthGCCfg blocks keyed
// "bouncers_autodelete" and "agents_autodelete". All fields are pointers and
// may be nil.
//
// NOTE(review): the format expected for MaxAge is not visible here — confirm
// how it is parsed and what happens on a malformed value.
type FlushDBCfg struct {
	MaxItems   *int       `yaml:"max_items,omitempty"`
	MaxAge     *string    `yaml:"max_age,omitempty"`
	BouncersGC *AuthGCCfg `yaml:"bouncers_autodelete,omitempty"`
	AgentsGC   *AuthGCCfg `yaml:"agents_autodelete,omitempty"`
}

type Hub added in v1.0.10

// Hub holds four paths (hub directory, configuration directory, hub index
// file, data directory). Every field is tagged yaml:"-", so none of them is
// read from YAML directly.
// NOTE(review): presumably they are copied from ConfigurationPaths by
// Config.LoadHub — confirm.
type Hub struct {
	HubDir       string `yaml:"-"`
	ConfigDir    string `yaml:"-"`
	HubIndexFile string `yaml:"-"`
	DataDir      string `yaml:"-"`
}

cscli specific config, such as hub directory

type LocalApiClientCfg added in v1.0.0

// LocalApiClientCfg is the "client" part of the API section: where the local
// API credentials file lives and whether TLS verification is relaxed.
// Credentials is tagged yaml:"-"; it is not read from this section.
//
// NOTE(review): InsecureSkipVerify is a *bool, and the value applied when it
// is nil is not visible here. When true it presumably turns off validation of
// the local API server certificate, which removes protection against an
// impostor server — confirm the default and restrict its use to testing.
type LocalApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` // credentials are edited by the software, so they are kept in a separate file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
	InsecureSkipVerify  *bool              `yaml:"insecure_skip_verify"` // NOTE(review): presumably skips verification of the API server certificate when true — confirm
}

local api config (for crowdsec/cscli->lapi)

func (*LocalApiClientCfg) Load added in v1.0.10

func (l *LocalApiClientCfg) Load() error

type LocalApiServerCfg added in v1.0.0

// LocalApiServerCfg is the "server" part of the API section: listen address,
// TLS, online API client, profiles and console configuration paths, log
// levels, proxy / forwarded-header handling and trusted IPs. Fields tagged
// yaml:"-" are not read from this section.
//
// Security-relevant settings to review together:
//   - TLS is a pointer. NOTE(review): presumably a nil value means the API is
//     served without TLS — confirm, and keep ListenURI on a loopback address
//     in that case.
//   - UseForwardedForHeaders and TrustedProxies: forwarded-for headers are
//     supplied by the client unless a proxy overwrites them.
//     NOTE(review): presumably the header is honoured only for peers listed
//     in TrustedProxies — confirm, because TrustedIPs decisions would
//     otherwise rest on a client-controlled value.
//   - TrustedIPs is a list of strings; GetTrustedIPs returns it as
//     []net.IPNet. What being "trusted" grants is not visible here.
//   - DisableRemoteLapiRegistration. NOTE(review): presumably rejects
//     registration requests from non-local clients when true — confirm.
type LocalApiServerCfg struct {
	Enable                        *bool               `yaml:"enable"`
	ListenURI                     string              `yaml:"listen_uri,omitempty"` // 127.0.0.1:8080
	TLS                           *TLSCfg             `yaml:"tls"`
	DbConfig                      *DatabaseCfg        `yaml:"-"`
	LogDir                        string              `yaml:"-"`
	LogMedia                      string              `yaml:"-"`
	OnlineClient                  *OnlineApiClientCfg `yaml:"online_client"`
	ProfilesPath                  string              `yaml:"profiles_path,omitempty"`
	ConsoleConfigPath             string              `yaml:"console_path,omitempty"`
	ConsoleConfig                 *ConsoleConfig      `yaml:"-"`
	Profiles                      []*ProfileCfg       `yaml:"-"`
	LogLevel                      *log.Level          `yaml:"log_level"`
	UseForwardedForHeaders        bool                `yaml:"use_forwarded_for_headers,omitempty"`
	TrustedProxies                *[]string           `yaml:"trusted_proxies,omitempty"`
	CompressLogs                  *bool               `yaml:"-"`
	LogMaxSize                    int                 `yaml:"-"`
	LogMaxAge                     int                 `yaml:"-"`
	LogMaxFiles                   int                 `yaml:"-"`
	TrustedIPs                    []string            `yaml:"trusted_ips,omitempty"`
	PapiLogLevel                  *log.Level          `yaml:"papi_log_level"`
	DisableRemoteLapiRegistration bool                `yaml:"disable_remote_lapi_registration,omitempty"`
}

local api service configuration

func (*LocalApiServerCfg) DumpConsoleConfig added in v1.3.0

func (c *LocalApiServerCfg) DumpConsoleConfig() error

func (*LocalApiServerCfg) GetTrustedIPs added in v1.3.3

func (lapiCfg *LocalApiServerCfg) GetTrustedIPs() ([]net.IPNet, error)

func (*LocalApiServerCfg) LoadConsoleConfig added in v1.3.0

func (c *LocalApiServerCfg) LoadConsoleConfig() error

func (*LocalApiServerCfg) LoadProfiles added in v1.0.0

func (c *LocalApiServerCfg) LoadProfiles() error

type OnlineApiClientCfg added in v1.0.0

// OnlineApiClientCfg is the "online_client" part of the server section: the
// path of the online API credentials file. Credentials is tagged yaml:"-";
// it is not read from this section.
// NOTE(review): presumably Load fills Credentials from CredentialsFilePath —
// confirm. That file holds a login and password in clear text.
type OnlineApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` // credentials are edited by the software, so they are kept in a separate file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
}

global api config (for lapi->oapi)

func (*OnlineApiClientCfg) Load added in v1.0.10

func (o *OnlineApiClientCfg) Load() error

type PluginCfg added in v1.2.0

// PluginCfg is the "plugin_config" section: a user name and a group name.
// Neither field carries a yaml tag.
// NOTE(review): presumably this is the account plugin processes run as —
// confirm, and check what happens when either value is empty, since an
// unprivileged account is what limits the impact of a faulty plugin.
type PluginCfg struct {
	User  string
	Group string
}

type ProfileCfg added in v1.0.0

// ProfileCfg describes one profile: a name, filter expressions, the
// decisions to apply, a duration expression, flow control on success,
// failure and error, and the notifications to send.
//
// NOTE(review): Filters and DurationExpr are expression strings, presumably
// evaluated at runtime against alert data — confirm. If so, the profiles
// file is code-like input and should be writable only by administrators.
type ProfileCfg struct {
	Name          string            `yaml:"name,omitempty"`
	Debug         *bool             `yaml:"debug,omitempty"`
	Filters       []string          `yaml:"filters,omitempty"` // a list of OR'ed expressions (presumably evaluated against the models.Alert object — confirm)
	Decisions     []models.Decision `yaml:"decisions,omitempty"`
	DurationExpr  string            `yaml:"duration_expr,omitempty"`
	OnSuccess     string            `yaml:"on_success,omitempty"` // continue or break
	OnFailure     string            `yaml:"on_failure,omitempty"` // continue or break
	OnError       string            `yaml:"on_error,omitempty"`   // continue, break, error, report, apply, ignore
	Notifications []string          `yaml:"notifications,omitempty"`
}

Profile structure(s) are used by the local API to "decide" what kind of decision should be applied when a scenario with an active remediation has been triggered

type PrometheusCfg added in v1.0.0

// PrometheusCfg is the "prometheus" section: an enabled switch, a level
// ("aggregated" or "full" per the field comment) and a listen address and
// port.
// NOTE(review): no authentication or TLS setting appears in this struct, so
// the metrics endpoint is presumably served unauthenticated — confirm, and
// bind ListenAddr to a loopback or management address accordingly.
type PrometheusCfg struct {
	Enabled    bool   `yaml:"enabled"`
	Level      string `yaml:"level"` // aggregated|full
	ListenAddr string `yaml:"listen_addr"`
	ListenPort int    `yaml:"listen_port"`
}

type SimulationConfig added in v0.3.0

// SimulationConfig holds a global simulation switch and a list of
// exclusions, read from YAML as "simulation" and "exclusions".
// NOTE(review): presumably Exclusions lists scenario names whose behaviour is
// the opposite of the global switch, as queried through IsSimulated —
// confirm. Simulation is a *bool; the meaning of nil is not visible here.
type SimulationConfig struct {
	Simulation *bool    `yaml:"simulation"`
	Exclusions []string `yaml:"exclusions,omitempty"`
}

func (*SimulationConfig) IsSimulated added in v1.0.0

func (s *SimulationConfig) IsSimulated(scenario string) bool

type TLSCfg added in v1.0.0

// TLSCfg is the "tls" part of the server section: server certificate and key
// paths, client verification mode, server name, CA certificate path, allowed
// organisational units for agents and bouncers, CRL path and a cache
// expiration.
//
// NOTE(review): ClientVerification is a free-form string whose accepted
// values are not visible here. Presumably it selects the client-certificate
// policy — confirm that an empty or unrecognised value is rejected rather
// than treated as "no verification". Likewise confirm what happens when
// AllowedAgentsOU / AllowedBouncersOU are empty and when CRLPath is unset,
// and what CacheExpiration caches (a long-lived cache of revocation results
// would delay the effect of a revocation).
type TLSCfg struct {
	CertFilePath       string         `yaml:"cert_file"`
	KeyFilePath        string         `yaml:"key_file"`
	ClientVerification string         `yaml:"client_verification,omitempty"`
	ServerName         string         `yaml:"server_name"`
	CACertPath         string         `yaml:"ca_cert_path"`
	AllowedAgentsOU    []string       `yaml:"agents_allowed_ou"`
	AllowedBouncersOU  []string       `yaml:"bouncers_allowed_ou"`
	CRLPath            string         `yaml:"crl_path"`
	CacheExpiration    *time.Duration `yaml:"cache_expiration,omitempty"`
}
