csconfig

package
v1.3.0-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 20, 2022 License: MIT Imports: 15 Imported by: 1

Documentation

Index

Constants

View Source
const (
	SEND_CUSTOM_SCENARIOS  = "custom"
	SEND_TAINTED_SCENARIOS = "tainted"
	SEND_MANUAL_SCENARIOS  = "manual"
)

Variables

View Source
var DefaultConsoleConfgFilePath = "/etc/crowdsec/console_config.yaml"

Functions

This section is empty.

Types

type APICfg added in v1.0.0

type APICfg struct {
	Client *LocalApiClientCfg `yaml:"client"`
	Server *LocalApiServerCfg `yaml:"server"`
}

type ApiCredentialsCfg added in v1.0.0

type ApiCredentialsCfg struct {
	URL      string `yaml:"url,omitempty" json:"url,omitempty"`
	Login    string `yaml:"login,omitempty" json:"login,omitempty"`
	Password string `yaml:"password,omitempty" json:"-"`
}

type CommonCfg added in v1.0.0

type CommonCfg struct {
	Daemonize    bool
	PidDir       string     `yaml:"pid_dir"`
	LogMedia     string     `yaml:"log_media"`
	LogDir       string     `yaml:"log_dir,omitempty"` //if LogMedia = file
	LogLevel     *log.Level `yaml:"log_level"`
	WorkingDir   string     `yaml:"working_dir,omitempty"` ///var/run
	CompressLogs *bool      `yaml:"compress_logs,omitempty"`
	LogMaxSize   int        `yaml:"log_max_size,omitempty"`
	LogMaxAge    int        `yaml:"log_max_age,omitempty"`
	LogMaxFiles  int        `yaml:"log_max_files,omitempty"`
}

daemonization/service related stuff

type Config added in v1.0.10

type Config struct {
	//just a path to ourself :p
	FilePath     *string             `yaml:"-"`
	Self         []byte              `yaml:"-"`
	Common       *CommonCfg          `yaml:"common,omitempty"`
	Prometheus   *PrometheusCfg      `yaml:"prometheus,omitempty"`
	Crowdsec     *CrowdsecServiceCfg `yaml:"crowdsec_service,omitempty"`
	Cscli        *CscliCfg           `yaml:"cscli,omitempty"`
	DbConfig     *DatabaseCfg        `yaml:"db_config,omitempty"`
	API          *APICfg             `yaml:"api,omitempty"`
	ConfigPaths  *ConfigurationPaths `yaml:"config_paths,omitempty"`
	PluginConfig *PluginCfg          `yaml:"plugin_config,omitempty"`
	DisableAPI   bool                `yaml:"-"`
	DisableAgent bool                `yaml:"-"`
	Hub          *Hub                `yaml:"-"`
}

top-level config : defaults,overriden by cfg file,overriden by cli

func NewConfig added in v1.0.0

func NewConfig(configFile string, disableAgent bool, disableAPI bool) (*Config, error)

func NewDefaultConfig added in v1.0.0

func NewDefaultConfig() *Config

func (*Config) Dump added in v1.0.10

func (c *Config) Dump() error

func (*Config) LoadAPIClient added in v1.0.10

func (c *Config) LoadAPIClient() error

func (*Config) LoadAPIServer added in v1.0.10

func (c *Config) LoadAPIServer() error

func (*Config) LoadCSCLI added in v1.0.10

func (c *Config) LoadCSCLI() error

func (*Config) LoadCommon added in v1.0.10

func (c *Config) LoadCommon() error

func (*Config) LoadConfigurationPaths added in v1.0.10

func (c *Config) LoadConfigurationPaths() error

func (*Config) LoadCrowdsec added in v1.0.10

func (c *Config) LoadCrowdsec() error

func (*Config) LoadDBConfig added in v1.0.10

func (c *Config) LoadDBConfig() error

func (*Config) LoadHub added in v1.0.10

func (c *Config) LoadHub() error

func (*Config) LoadPrometheus added in v1.0.10

func (c *Config) LoadPrometheus() error

func (*Config) LoadSimulation added in v1.0.10

func (c *Config) LoadSimulation() error

type ConfigurationPaths added in v1.0.0

type ConfigurationPaths struct {
	ConfigDir          string `yaml:"config_dir"`
	DataDir            string `yaml:"data_dir,omitempty"`
	SimulationFilePath string `yaml:"simulation_path,omitempty"`
	HubIndexFile       string `yaml:"index_path,omitempty"` //path of the .index.json
	HubDir             string `yaml:"hub_dir,omitempty"`
	PluginDir          string `yaml:"plugin_dir,omitempty"`
	NotificationDir    string `yaml:"notification_dir,omitempty"`
}

type ConsoleConfig added in v1.3.0

type ConsoleConfig struct {
	ShareManualDecisions  *bool `yaml:"share_manual_decisions"`
	ShareTaintedScenarios *bool `yaml:"share_tainted"`
	ShareCustomScenarios  *bool `yaml:"share_custom"`
}

type CrowdsecServiceCfg added in v1.0.0

type CrowdsecServiceCfg struct {
	AcquisitionFilePath string `yaml:"acquisition_path,omitempty"`
	AcquisitionDirPath  string `yaml:"acquisition_dir,omitempty"`

	AcquisitionFiles     []string          `yaml:"-"`
	ParserRoutinesCount  int               `yaml:"parser_routines"`
	BucketsRoutinesCount int               `yaml:"buckets_routines"`
	OutputRoutinesCount  int               `yaml:"output_routines"`
	SimulationConfig     *SimulationConfig `yaml:"-"`
	LintOnly             bool              `yaml:"-"`                          //if set to true, exit after loading configs
	BucketStateFile      string            `yaml:"state_input_file,omitempty"` //if we need to unserialize buckets at start
	BucketStateDumpDir   string            `yaml:"state_output_dir,omitempty"` //if we need to unserialize buckets on shutdown
	BucketsGCEnabled     bool              `yaml:"-"`                          //we need to garbage collect buckets when in forensic mode

	HubDir             string `yaml:"-"`
	DataDir            string `yaml:"-"`
	ConfigDir          string `yaml:"-"`
	HubIndexFile       string `yaml:"-"`
	SimulationFilePath string `yaml:"-"`
}

Configurations needed for crowdsec to load parser/scenarios/... + acquisition

type CscliCfg added in v1.0.0

type CscliCfg struct {
	Output             string            `yaml:"output,omitempty"`
	HubBranch          string            `yaml:"hub_branch"`
	SimulationConfig   *SimulationConfig `yaml:"-"`
	DbConfig           *DatabaseCfg      `yaml:"-"`
	HubDir             string            `yaml:"-"`
	DataDir            string            `yaml:"-"`
	ConfigDir          string            `yaml:"-"`
	HubIndexFile       string            `yaml:"-"`
	SimulationFilePath string            `yaml:"-"`
	PrometheusUrl      string            `yaml:"prometheus_uri"`
}

cscli specific config, such as hub directory

type DatabaseCfg added in v1.0.0

type DatabaseCfg struct {
	User     string      `yaml:"user"`
	Password string      `yaml:"password"`
	DbName   string      `yaml:"db_name"`
	Sslmode  string      `yaml:"sslmode"`
	Host     string      `yaml:"host"`
	Port     int         `yaml:"port"`
	DbPath   string      `yaml:"db_path"`
	Type     string      `yaml:"type"`
	Flush    *FlushDBCfg `yaml:"flush"`
	LogLevel *log.Level  `yaml:"log_level"`
}

type FlushDBCfg added in v1.0.0

type FlushDBCfg struct {
	MaxItems *int    `yaml:"max_items"`
	MaxAge   *string `yaml:"max_age"`
}

type Hub added in v1.0.10

type Hub struct {
	HubDir       string `yaml:"-"`
	ConfigDir    string `yaml:"-"`
	HubIndexFile string `yaml:"-"`
	DataDir      string `yaml:"-"`
}

cscli specific config, such as hub directory

type LocalApiClientCfg added in v1.0.0

type LocalApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` //credz will be edited by software, store in diff file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
	InsecureSkipVerify  *bool              `yaml:"insecure_skip_verify"` // check if api certificate is bad or not
}

local api config (for crowdsec/cscli->lapi)

func (*LocalApiClientCfg) Load added in v1.0.10

func (l *LocalApiClientCfg) Load() error

type LocalApiServerCfg added in v1.0.0

type LocalApiServerCfg struct {
	ListenURI              string              `yaml:"listen_uri,omitempty"` //127.0.0.1:8080
	TLS                    *TLSCfg             `yaml:"tls"`
	DbConfig               *DatabaseCfg        `yaml:"-"`
	LogDir                 string              `yaml:"-"`
	LogMedia               string              `yaml:"-"`
	OnlineClient           *OnlineApiClientCfg `yaml:"online_client"`
	ProfilesPath           string              `yaml:"profiles_path,omitempty"`
	ConsoleConfigPath      string              `yaml:"console_path,omitempty"`
	ConsoleConfig          *ConsoleConfig      `yaml:"-"`
	Profiles               []*ProfileCfg       `yaml:"-"`
	LogLevel               *log.Level          `yaml:"log_level"`
	UseForwardedForHeaders bool                `yaml:"use_forwarded_for_headers,omitempty"`
	TrustedProxies         *[]string           `yaml:"trusted_proxies,omitempty"`
	CompressLogs           *bool               `yaml:"-"`
	LogMaxSize             int                 `yaml:"-"`
	LogMaxAge              int                 `yaml:"-"`
	LogMaxFiles            int                 `yaml:"-"`
}

local api service configuration

func (*LocalApiServerCfg) DumpConsoleConfig added in v1.3.0

func (c *LocalApiServerCfg) DumpConsoleConfig() error

func (*LocalApiServerCfg) LoadConsoleConfig added in v1.3.0

func (c *LocalApiServerCfg) LoadConsoleConfig() error

func (*LocalApiServerCfg) LoadProfiles added in v1.0.0

func (c *LocalApiServerCfg) LoadProfiles() error

type OnlineApiClientCfg added in v1.0.0

type OnlineApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` //credz will be edited by software, store in diff file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
}

global api config (for lapi->oapi)

func (*OnlineApiClientCfg) Load added in v1.0.10

func (o *OnlineApiClientCfg) Load() error

type PluginCfg added in v1.2.0

type PluginCfg struct {
	User  string
	Group string
}

type ProfileCfg added in v1.0.0

type ProfileCfg struct {
	Name           string                      `yaml:"name,omitempty"`
	Debug          *bool                       `yaml:"debug,omitempty"`
	Filters        []string                    `yaml:"filters,omitempty"` //A list of OR'ed expressions. the models.Alert object
	RuntimeFilters []*vm.Program               `json:"-" yaml:"-"`
	DebugFilters   []*exprhelpers.ExprDebugger `json:"-" yaml:"-"`
	Decisions      []models.Decision           `yaml:"decisions,omitempty"`
	OnSuccess      string                      `yaml:"on_success,omitempty"` //continue or break
	OnFailure      string                      `yaml:"on_failure,omitempty"` //continue or break
	Notifications  []string                    `yaml:"notifications,omitempty"`
}

Profile structure(s) are used by the local API to "decide" what kind of decision should be applied when a scenario with an active remediation has been triggered

type PrometheusCfg added in v1.0.0

type PrometheusCfg struct {
	Enabled    bool   `yaml:"enabled"`
	Level      string `yaml:"level"` //aggregated|full
	ListenAddr string `yaml:"listen_addr"`
	ListenPort int    `yaml:"listen_port"`
}

type SimulationConfig added in v0.3.0

type SimulationConfig struct {
	Simulation *bool    `yaml:"simulation"`
	Exclusions []string `yaml:"exclusions,omitempty"`
}

func (*SimulationConfig) IsSimulated added in v1.0.0

func (s *SimulationConfig) IsSimulated(scenario string) bool

type TLSCfg added in v1.0.0

type TLSCfg struct {
	CertFilePath string `yaml:"cert_file"`
	KeyFilePath  string `yaml:"key_file"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL