Documentation ¶
Index ¶
- Constants
- Variables
- func DefaultConfigPath(elem ...string) string
- func DefaultDataPath(elem ...string) string
- type APICfg
- type ApiCredentialsCfg
- type AuthGCCfg
- type CommonCfg
- type Config
- func (c *Config) Dump() error
- func (c *Config) LoadAPIClient() error
- func (c *Config) LoadAPIServer() error
- func (c *Config) LoadCSCLI() error
- func (c *Config) LoadCommon() error
- func (c *Config) LoadConfigurationPaths() error
- func (c *Config) LoadCrowdsec() error
- func (c *Config) LoadDBConfig() error
- func (c *Config) LoadHub() error
- func (c *Config) LoadPrometheus() error
- func (c *Config) LoadSimulation() error
- type ConfigurationPaths
- type ConsoleConfig
- type CrowdsecServiceCfg
- type CscliCfg
- type DatabaseCfg
- type FlushDBCfg
- type Hub
- type LocalApiClientCfg
- type LocalApiServerCfg
- type OnlineApiClientCfg
- type PluginCfg
- type ProfileCfg
- type PrometheusCfg
- type SimulationConfig
- type TLSCfg
Constants ¶
const ( SEND_CUSTOM_SCENARIOS = "custom" SEND_TAINTED_SCENARIOS = "tainted" SEND_MANUAL_SCENARIOS = "manual" )
Variables ¶
var CONSOLE_CONFIGS = []string{SEND_CUSTOM_SCENARIOS, SEND_MANUAL_SCENARIOS, SEND_TAINTED_SCENARIOS}
var DEFAULT_MAX_OPEN_CONNS = 100
var DefaultConsoleConfigFilePath = DefaultConfigPath("console.yaml")
Functions ¶
func DefaultConfigPath ¶ added in v1.3.1
DefaultConfigPath returns the default path for a configuration resource "elem" parameters are path components relative to the default cfg directory.
func DefaultDataPath ¶ added in v1.3.1
DefaultDataPath returns the the default path for a data resource. "elem" parameters are path components relative to the default data directory.
Types ¶
type APICfg ¶ added in v1.0.0
type APICfg struct { Client *LocalApiClientCfg `yaml:"client"` Server *LocalApiServerCfg `yaml:"server"` }
type ApiCredentialsCfg ¶ added in v1.0.0
type ApiCredentialsCfg struct { URL string `yaml:"url,omitempty" json:"url,omitempty"` Login string `yaml:"login,omitempty" json:"login,omitempty"` Password string `yaml:"password,omitempty" json:"-"` CACertPath string `yaml:"ca_cert_path,omitempty"` KeyPath string `yaml:"key_path,omitempty"` CertPath string `yaml:"cert_path,omitempty"` }
type CommonCfg ¶ added in v1.0.0
type CommonCfg struct { Daemonize bool PidDir string `yaml:"pid_dir,omitempty"` // TODO: This is just for backward compat. Remove this later LogMedia string `yaml:"log_media"` LogDir string `yaml:"log_dir,omitempty"` //if LogMedia = file LogLevel *log.Level `yaml:"log_level"` WorkingDir string `yaml:"working_dir,omitempty"` ///var/run CompressLogs *bool `yaml:"compress_logs,omitempty"` LogMaxSize int `yaml:"log_max_size,omitempty"` LogMaxAge int `yaml:"log_max_age,omitempty"` LogMaxFiles int `yaml:"log_max_files,omitempty"` ForceColorLogs bool `yaml:"force_color_logs,omitempty"` }
daemonization/service related stuff
type Config ¶ added in v1.0.10
type Config struct { //just a path to ourself :p FilePath *string `yaml:"-"` Self []byte `yaml:"-"` Common *CommonCfg `yaml:"common,omitempty"` Prometheus *PrometheusCfg `yaml:"prometheus,omitempty"` Crowdsec *CrowdsecServiceCfg `yaml:"crowdsec_service,omitempty"` Cscli *CscliCfg `yaml:"cscli,omitempty"` DbConfig *DatabaseCfg `yaml:"db_config,omitempty"` API *APICfg `yaml:"api,omitempty"` ConfigPaths *ConfigurationPaths `yaml:"config_paths,omitempty"` PluginConfig *PluginCfg `yaml:"plugin_config,omitempty"` DisableAPI bool `yaml:"-"` DisableAgent bool `yaml:"-"` Hub *Hub `yaml:"-"` }
Config contains top-level defaults -> overridden by configuration file -> overridden by CLI flags
func NewDefaultConfig ¶ added in v1.0.0
func NewDefaultConfig() *Config
func (*Config) LoadAPIClient ¶ added in v1.0.10
func (*Config) LoadAPIServer ¶ added in v1.0.10
func (*Config) LoadCommon ¶ added in v1.0.10
func (*Config) LoadConfigurationPaths ¶ added in v1.0.10
func (*Config) LoadCrowdsec ¶ added in v1.0.10
func (*Config) LoadDBConfig ¶ added in v1.0.10
func (*Config) LoadPrometheus ¶ added in v1.0.10
func (*Config) LoadSimulation ¶ added in v1.0.10
type ConfigurationPaths ¶ added in v1.0.0
type ConfigurationPaths struct { ConfigDir string `yaml:"config_dir"` DataDir string `yaml:"data_dir,omitempty"` SimulationFilePath string `yaml:"simulation_path,omitempty"` HubIndexFile string `yaml:"index_path,omitempty"` //path of the .index.json HubDir string `yaml:"hub_dir,omitempty"` PluginDir string `yaml:"plugin_dir,omitempty"` NotificationDir string `yaml:"notification_dir,omitempty"` }
type ConsoleConfig ¶ added in v1.3.0
type ConsoleConfig struct {}
type CrowdsecServiceCfg ¶ added in v1.0.0
type CrowdsecServiceCfg struct { Enable *bool `yaml:"enable"` AcquisitionFilePath string `yaml:"acquisition_path,omitempty"` AcquisitionDirPath string `yaml:"acquisition_dir,omitempty"` AcquisitionFiles []string `yaml:"-"` ParserRoutinesCount int `yaml:"parser_routines"` BucketsRoutinesCount int `yaml:"buckets_routines"` OutputRoutinesCount int `yaml:"output_routines"` SimulationConfig *SimulationConfig `yaml:"-"` LintOnly bool `yaml:"-"` //if set to true, exit after loading configs BucketStateFile string `yaml:"state_input_file,omitempty"` //if we need to unserialize buckets at start BucketStateDumpDir string `yaml:"state_output_dir,omitempty"` //if we need to unserialize buckets on shutdown BucketsGCEnabled bool `yaml:"-"` //we need to garbage collect buckets when in forensic mode HubDir string `yaml:"-"` DataDir string `yaml:"-"` ConfigDir string `yaml:"-"` HubIndexFile string `yaml:"-"` SimulationFilePath string `yaml:"-"` }
Configurations needed for crowdsec to load parser/scenarios/... + acquisition
type CscliCfg ¶ added in v1.0.0
type CscliCfg struct { Output string `yaml:"output,omitempty"` HubBranch string `yaml:"hub_branch"` SimulationConfig *SimulationConfig `yaml:"-"` DbConfig *DatabaseCfg `yaml:"-"` HubDir string `yaml:"-"` DataDir string `yaml:"-"` ConfigDir string `yaml:"-"` HubIndexFile string `yaml:"-"` SimulationFilePath string `yaml:"-"` PrometheusUrl string `yaml:"prometheus_uri"` }
cscli specific config, such as hub directory
type DatabaseCfg ¶ added in v1.0.0
type DatabaseCfg struct { User string `yaml:"user"` Password string `yaml:"password"` DbName string `yaml:"db_name"` Sslmode string `yaml:"sslmode"` Host string `yaml:"host"` Port int `yaml:"port"` DbPath string `yaml:"db_path"` Type string `yaml:"type"` Flush *FlushDBCfg `yaml:"flush"` LogLevel *log.Level `yaml:"log_level"` MaxOpenConns *int `yaml:"max_open_conns,omitempty"` UseWal *bool `yaml:"use_wal,omitempty"` }
type FlushDBCfg ¶ added in v1.0.0
type Hub ¶ added in v1.0.10
type Hub struct { HubDir string `yaml:"-"` ConfigDir string `yaml:"-"` HubIndexFile string `yaml:"-"` DataDir string `yaml:"-"` }
cscli specific config, such as hub directory
type LocalApiClientCfg ¶ added in v1.0.0
type LocalApiClientCfg struct { CredentialsFilePath string `yaml:"credentials_path,omitempty"` //credz will be edited by software, store in diff file Credentials *ApiCredentialsCfg `yaml:"-"` InsecureSkipVerify *bool `yaml:"insecure_skip_verify"` // check if api certificate is bad or not }
local api config (for crowdsec/cscli->lapi)
func (*LocalApiClientCfg) Load ¶ added in v1.0.10
func (l *LocalApiClientCfg) Load() error
type LocalApiServerCfg ¶ added in v1.0.0
type LocalApiServerCfg struct { Enable *bool `yaml:"enable"` ListenURI string `yaml:"listen_uri,omitempty"` //127.0.0.1:8080 TLS *TLSCfg `yaml:"tls"` DbConfig *DatabaseCfg `yaml:"-"` LogDir string `yaml:"-"` LogMedia string `yaml:"-"` OnlineClient *OnlineApiClientCfg `yaml:"online_client"` ProfilesPath string `yaml:"profiles_path,omitempty"` ConsoleConfigPath string `yaml:"console_path,omitempty"` ConsoleConfig *ConsoleConfig `yaml:"-"` Profiles []*ProfileCfg `yaml:"-"` LogLevel *log.Level `yaml:"log_level"` UseForwardedForHeaders bool `yaml:"use_forwarded_for_headers,omitempty"` TrustedProxies *[]string `yaml:"trusted_proxies,omitempty"` CompressLogs *bool `yaml:"-"` LogMaxSize int `yaml:"-"` LogMaxAge int `yaml:"-"` LogMaxFiles int `yaml:"-"` TrustedIPs []string `yaml:"trusted_ips,omitempty"` }
local api service configuration
func (*LocalApiServerCfg) DumpConsoleConfig ¶ added in v1.3.0
func (c *LocalApiServerCfg) DumpConsoleConfig() error
func (*LocalApiServerCfg) GetTrustedIPs ¶ added in v1.3.3
func (lapiCfg *LocalApiServerCfg) GetTrustedIPs() ([]net.IPNet, error)
func (*LocalApiServerCfg) LoadConsoleConfig ¶ added in v1.3.0
func (c *LocalApiServerCfg) LoadConsoleConfig() error
func (*LocalApiServerCfg) LoadProfiles ¶ added in v1.0.0
func (c *LocalApiServerCfg) LoadProfiles() error
type OnlineApiClientCfg ¶ added in v1.0.0
type OnlineApiClientCfg struct { CredentialsFilePath string `yaml:"credentials_path,omitempty"` //credz will be edited by software, store in diff file Credentials *ApiCredentialsCfg `yaml:"-"` }
global api config (for lapi->oapi)
func (*OnlineApiClientCfg) Load ¶ added in v1.0.10
func (o *OnlineApiClientCfg) Load() error
type ProfileCfg ¶ added in v1.0.0
type ProfileCfg struct { Name string `yaml:"name,omitempty"` Debug *bool `yaml:"debug,omitempty"` Filters []string `yaml:"filters,omitempty"` //A list of OR'ed expressions. the models.Alert object Decisions []models.Decision `yaml:"decisions,omitempty"` DurationExpr string `yaml:"duration_expr,omitempty"` OnSuccess string `yaml:"on_success,omitempty"` //continue or break OnFailure string `yaml:"on_failure,omitempty"` //continue or break Notifications []string `yaml:"notifications,omitempty"` }
Profile structure(s) are used by the local API to "decide" what kind of decision should be applied when a scenario with an active remediation has been triggered
type PrometheusCfg ¶ added in v1.0.0
type SimulationConfig ¶ added in v0.3.0
type SimulationConfig struct { Simulation *bool `yaml:"simulation"` Exclusions []string `yaml:"exclusions,omitempty"` }
func (*SimulationConfig) IsSimulated ¶ added in v1.0.0
func (s *SimulationConfig) IsSimulated(scenario string) bool
type TLSCfg ¶ added in v1.0.0
type TLSCfg struct { CertFilePath string `yaml:"cert_file"` KeyFilePath string `yaml:"key_file"` ClientVerification string `yaml:"client_verification,omitempty"` ServerName string `yaml:"server_name"` CACertPath string `yaml:"ca_cert_path"` AllowedAgentsOU []string `yaml:"agents_allowed_ou"` AllowedBouncersOU []string `yaml:"bouncers_allowed_ou"` CRLPath string `yaml:"crl_path"` CacheExpiration *time.Duration `yaml:"cache_expiration,omitempty"` }