csconfig

package
v1.5.1-freebsd Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: May 17, 2023 License: MIT Imports: 20 Imported by: 1

Documentation

Index

Constants

View Source
const (
	SEND_CUSTOM_SCENARIOS  = "custom"
	SEND_TAINTED_SCENARIOS = "tainted"
	SEND_MANUAL_SCENARIOS  = "manual"
	CONSOLE_MANAGEMENT     = "console_management"
	SEND_CONTEXT           = "context"
)

Variables

View Source
var DEFAULT_MAX_OPEN_CONNS = 100
View Source
var DefaultConsoleConfigFilePath = DefaultConfigPath("console.yaml")

Functions

func DefaultConfigPath added in v1.3.1

func DefaultConfigPath(elem ...string) string

DefaultConfigPath returns the default path for a configuration resource "elem" parameters are path components relative to the default cfg directory.

func DefaultDataPath added in v1.3.1

func DefaultDataPath(elem ...string) string

DefaultDataPath returns the default path for a data resource. "elem" parameters are path components relative to the default data directory.

func ListFeatureFlags added in v1.5.0

func ListFeatureFlags() string

ListFeatureFlags returns a list of the enabled feature flags.

func LoadFeatureFlagsEnv added in v1.5.0

func LoadFeatureFlagsEnv(logger *log.Logger) error

LoadFeatureFlagsEnv parses the environment variables to enable feature flags.

func LoadFeatureFlagsFile added in v1.5.0

func LoadFeatureFlagsFile(configPath string, logger *log.Logger) error

LoadFeatureFlags parses feature.yaml to enable feature flags. The file is in the same directory as config.yaml, which is provided as the fist parameter. This can be different than ConfigPaths.ConfigDir

Types

type APICfg added in v1.0.0

type APICfg struct {
	Client *LocalApiClientCfg `yaml:"client"`
	Server *LocalApiServerCfg `yaml:"server"`
	CTI    *CTICfg            `yaml:"cti"`
}

type ApiCredentialsCfg added in v1.0.0

type ApiCredentialsCfg struct {
	PapiURL    string `yaml:"papi_url,omitempty" json:"papi_url,omitempty"`
	URL        string `yaml:"url,omitempty" json:"url,omitempty"`
	Login      string `yaml:"login,omitempty" json:"login,omitempty"`
	Password   string `yaml:"password,omitempty" json:"-"`
	CACertPath string `yaml:"ca_cert_path,omitempty"`
	KeyPath    string `yaml:"key_path,omitempty"`
	CertPath   string `yaml:"cert_path,omitempty"`
}

type AuthGCCfg added in v1.4.0

type AuthGCCfg struct {
	Cert                  *string `yaml:"cert,omitempty"`
	CertDuration          *time.Duration
	Api                   *string `yaml:"api_key,omitempty"`
	ApiDuration           *time.Duration
	LoginPassword         *string `yaml:"login_password,omitempty"`
	LoginPasswordDuration *time.Duration
}

type CTICfg added in v1.5.0

type CTICfg struct {
	Key          *string        `yaml:"key,omitempty"`
	CacheTimeout *time.Duration `yaml:"cache_timeout,omitempty"`
	CacheSize    *int           `yaml:"cache_size,omitempty"`
	Enabled      *bool          `yaml:"enabled,omitempty"`
	LogLevel     *log.Level     `yaml:"log_level,omitempty"`
}

func (*CTICfg) Load added in v1.5.0

func (a *CTICfg) Load() error

type CapiWhitelist added in v1.5.0

type CapiWhitelist struct {
	Ips   []net.IP     `yaml:"ips,omitempty"`
	Cidrs []*net.IPNet `yaml:"cidrs,omitempty"`
}

type CommonCfg added in v1.0.0

type CommonCfg struct {
	Daemonize      bool
	PidDir         string     `yaml:"pid_dir,omitempty"` // TODO: This is just for backward compat. Remove this later
	LogMedia       string     `yaml:"log_media"`
	LogDir         string     `yaml:"log_dir,omitempty"` //if LogMedia = file
	LogLevel       *log.Level `yaml:"log_level"`
	WorkingDir     string     `yaml:"working_dir,omitempty"` ///var/run
	CompressLogs   *bool      `yaml:"compress_logs,omitempty"`
	LogMaxSize     int        `yaml:"log_max_size,omitempty"`
	LogMaxAge      int        `yaml:"log_max_age,omitempty"`
	LogMaxFiles    int        `yaml:"log_max_files,omitempty"`
	ForceColorLogs bool       `yaml:"force_color_logs,omitempty"`
}

daemonization/service related stuff

type Config added in v1.0.10

type Config struct {
	//just a path to ourself :p
	FilePath     *string             `yaml:"-"`
	Self         []byte              `yaml:"-"`
	Common       *CommonCfg          `yaml:"common,omitempty"`
	Prometheus   *PrometheusCfg      `yaml:"prometheus,omitempty"`
	Crowdsec     *CrowdsecServiceCfg `yaml:"crowdsec_service,omitempty"`
	Cscli        *CscliCfg           `yaml:"cscli,omitempty"`
	DbConfig     *DatabaseCfg        `yaml:"db_config,omitempty"`
	API          *APICfg             `yaml:"api,omitempty"`
	ConfigPaths  *ConfigurationPaths `yaml:"config_paths,omitempty"`
	PluginConfig *PluginCfg          `yaml:"plugin_config,omitempty"`
	DisableAPI   bool                `yaml:"-"`
	DisableAgent bool                `yaml:"-"`
	Hub          *Hub                `yaml:"-"`
}

Config contains top-level defaults -> overridden by configuration file -> overridden by CLI flags

func NewConfig added in v1.0.0

func NewConfig(configFile string, disableAgent bool, disableAPI bool, quiet bool) (*Config, string, error)

func NewDefaultConfig added in v1.0.0

func NewDefaultConfig() *Config

func (*Config) Dump added in v1.0.10

func (c *Config) Dump() error

func (*Config) LoadAPIClient added in v1.0.10

func (c *Config) LoadAPIClient() error

func (*Config) LoadAPIServer added in v1.0.10

func (c *Config) LoadAPIServer() error

func (*Config) LoadCSCLI added in v1.0.10

func (c *Config) LoadCSCLI() error

func (*Config) LoadCommon added in v1.0.10

func (c *Config) LoadCommon() error

func (*Config) LoadConfigurationPaths added in v1.0.10

func (c *Config) LoadConfigurationPaths() error

func (*Config) LoadCrowdsec added in v1.0.10

func (c *Config) LoadCrowdsec() error

func (*Config) LoadDBConfig added in v1.0.10

func (c *Config) LoadDBConfig() error

func (*Config) LoadHub added in v1.0.10

func (c *Config) LoadHub() error

func (*Config) LoadPrometheus added in v1.0.10

func (c *Config) LoadPrometheus() error

func (*Config) LoadSimulation added in v1.0.10

func (c *Config) LoadSimulation() error

type ConfigurationPaths added in v1.0.0

type ConfigurationPaths struct {
	ConfigDir          string `yaml:"config_dir"`
	DataDir            string `yaml:"data_dir,omitempty"`
	SimulationFilePath string `yaml:"simulation_path,omitempty"`
	HubIndexFile       string `yaml:"index_path,omitempty"` //path of the .index.json
	HubDir             string `yaml:"hub_dir,omitempty"`
	PluginDir          string `yaml:"plugin_dir,omitempty"`
	NotificationDir    string `yaml:"notification_dir,omitempty"`
}

type ConsoleConfig added in v1.3.0

type ConsoleConfig struct {
	ShareManualDecisions  *bool `yaml:"share_manual_decisions"`
	ShareTaintedScenarios *bool `yaml:"share_tainted"`
	ShareCustomScenarios  *bool `yaml:"share_custom"`
	ConsoleManagement     *bool `yaml:"console_management"`
	ShareContext          *bool `yaml:"share_context"`
}

type CrowdsecServiceCfg added in v1.0.0

type CrowdsecServiceCfg struct {
	Enable                    *bool             `yaml:"enable"`
	AcquisitionFilePath       string            `yaml:"acquisition_path,omitempty"`
	AcquisitionDirPath        string            `yaml:"acquisition_dir,omitempty"`
	ConsoleContextPath        string            `yaml:"console_context_path"`
	ConsoleContextValueLength int               `yaml:"console_context_value_length"`
	AcquisitionFiles          []string          `yaml:"-"`
	ParserRoutinesCount       int               `yaml:"parser_routines"`
	BucketsRoutinesCount      int               `yaml:"buckets_routines"`
	OutputRoutinesCount       int               `yaml:"output_routines"`
	SimulationConfig          *SimulationConfig `yaml:"-"`
	LintOnly                  bool              `yaml:"-"`                          // if set to true, exit after loading configs
	BucketStateFile           string            `yaml:"state_input_file,omitempty"` // if we need to unserialize buckets at start
	BucketStateDumpDir        string            `yaml:"state_output_dir,omitempty"` // if we need to unserialize buckets on shutdown
	BucketsGCEnabled          bool              `yaml:"-"`                          // we need to garbage collect buckets when in forensic mode

	HubDir             string              `yaml:"-"`
	DataDir            string              `yaml:"-"`
	ConfigDir          string              `yaml:"-"`
	HubIndexFile       string              `yaml:"-"`
	SimulationFilePath string              `yaml:"-"`
	ContextToSend      map[string][]string `yaml:"-"`
}

CrowdsecServiceCfg contains the location of parsers/scenarios/... and acquisition files

func (*CrowdsecServiceCfg) DumpContextConfigFile added in v1.5.0

func (c *CrowdsecServiceCfg) DumpContextConfigFile() error

type CscliCfg added in v1.0.0

type CscliCfg struct {
	Output             string            `yaml:"output,omitempty"`
	Color              string            `yaml:"color,omitempty"`
	HubBranch          string            `yaml:"hub_branch"`
	SimulationConfig   *SimulationConfig `yaml:"-"`
	DbConfig           *DatabaseCfg      `yaml:"-"`
	HubDir             string            `yaml:"-"`
	DataDir            string            `yaml:"-"`
	ConfigDir          string            `yaml:"-"`
	HubIndexFile       string            `yaml:"-"`
	SimulationFilePath string            `yaml:"-"`
	PrometheusUrl      string            `yaml:"prometheus_uri"`
}

cscli specific config, such as hub directory

type DatabaseCfg added in v1.0.0

type DatabaseCfg struct {
	User         string      `yaml:"user"`
	Password     string      `yaml:"password"`
	DbName       string      `yaml:"db_name"`
	Sslmode      string      `yaml:"sslmode"`
	Host         string      `yaml:"host"`
	Port         int         `yaml:"port"`
	DbPath       string      `yaml:"db_path"`
	Type         string      `yaml:"type"`
	Flush        *FlushDBCfg `yaml:"flush"`
	LogLevel     *log.Level  `yaml:"log_level"`
	MaxOpenConns *int        `yaml:"max_open_conns,omitempty"`
	UseWal       *bool       `yaml:"use_wal,omitempty"`
}

func (*DatabaseCfg) ConnectionDialect added in v1.5.0

func (d *DatabaseCfg) ConnectionDialect() (string, string, error)

func (*DatabaseCfg) ConnectionString added in v1.5.0

func (d *DatabaseCfg) ConnectionString() string

type FlushDBCfg added in v1.0.0

type FlushDBCfg struct {
	MaxItems   *int       `yaml:"max_items,omitempty"`
	MaxAge     *string    `yaml:"max_age,omitempty"`
	BouncersGC *AuthGCCfg `yaml:"bouncers_autodelete,omitempty"`
	AgentsGC   *AuthGCCfg `yaml:"agents_autodelete,omitempty"`
}

type Hub added in v1.0.10

type Hub struct {
	HubDir       string `yaml:"-"`
	ConfigDir    string `yaml:"-"`
	HubIndexFile string `yaml:"-"`
	DataDir      string `yaml:"-"`
}

cscli specific config, such as hub directory

type LocalApiClientCfg added in v1.0.0

type LocalApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
	InsecureSkipVerify  *bool              `yaml:"insecure_skip_verify"` // check if api certificate is bad or not
}

local api config (for crowdsec/cscli->lapi)

func (*LocalApiClientCfg) Load added in v1.0.10

func (l *LocalApiClientCfg) Load() error

type LocalApiServerCfg added in v1.0.0

type LocalApiServerCfg struct {
	Enable                        *bool               `yaml:"enable"`
	ListenURI                     string              `yaml:"listen_uri,omitempty"` // 127.0.0.1:8080
	TLS                           *TLSCfg             `yaml:"tls"`
	DbConfig                      *DatabaseCfg        `yaml:"-"`
	LogDir                        string              `yaml:"-"`
	LogMedia                      string              `yaml:"-"`
	OnlineClient                  *OnlineApiClientCfg `yaml:"online_client"`
	ProfilesPath                  string              `yaml:"profiles_path,omitempty"`
	ConsoleConfigPath             string              `yaml:"console_path,omitempty"`
	ConsoleConfig                 *ConsoleConfig      `yaml:"-"`
	Profiles                      []*ProfileCfg       `yaml:"-"`
	LogLevel                      *log.Level          `yaml:"log_level"`
	UseForwardedForHeaders        bool                `yaml:"use_forwarded_for_headers,omitempty"`
	TrustedProxies                *[]string           `yaml:"trusted_proxies,omitempty"`
	CompressLogs                  *bool               `yaml:"-"`
	LogMaxSize                    int                 `yaml:"-"`
	LogMaxAge                     int                 `yaml:"-"`
	LogMaxFiles                   int                 `yaml:"-"`
	TrustedIPs                    []string            `yaml:"trusted_ips,omitempty"`
	PapiLogLevel                  *log.Level          `yaml:"papi_log_level"`
	DisableRemoteLapiRegistration bool                `yaml:"disable_remote_lapi_registration,omitempty"`
	CapiWhitelistsPath            string              `yaml:"capi_whitelists_path,omitempty"`
	CapiWhitelists                *CapiWhitelist      `yaml:"-"`
}

local api service configuration

func (*LocalApiServerCfg) DumpConsoleConfig added in v1.3.0

func (c *LocalApiServerCfg) DumpConsoleConfig() error

func (*LocalApiServerCfg) GetTrustedIPs added in v1.3.3

func (lapiCfg *LocalApiServerCfg) GetTrustedIPs() ([]net.IPNet, error)

func (*LocalApiServerCfg) LoadCapiWhitelists added in v1.5.0

func (s *LocalApiServerCfg) LoadCapiWhitelists() error

func (*LocalApiServerCfg) LoadConsoleConfig added in v1.3.0

func (c *LocalApiServerCfg) LoadConsoleConfig() error

func (*LocalApiServerCfg) LoadProfiles added in v1.0.0

func (c *LocalApiServerCfg) LoadProfiles() error

type OnlineApiClientCfg added in v1.0.0

type OnlineApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
}

global api config (for lapi->oapi)

func (*OnlineApiClientCfg) Load added in v1.0.10

func (o *OnlineApiClientCfg) Load() error

type PluginCfg added in v1.2.0

type PluginCfg struct {
	User  string
	Group string
}

type ProfileCfg added in v1.0.0

type ProfileCfg struct {
	Name          string            `yaml:"name,omitempty"`
	Debug         *bool             `yaml:"debug,omitempty"`
	Filters       []string          `yaml:"filters,omitempty"` //A list of OR'ed expressions. the models.Alert object
	Decisions     []models.Decision `yaml:"decisions,omitempty"`
	DurationExpr  string            `yaml:"duration_expr,omitempty"`
	OnSuccess     string            `yaml:"on_success,omitempty"` //continue or break
	OnFailure     string            `yaml:"on_failure,omitempty"` //continue or break
	OnError       string            `yaml:"on_error,omitempty"`   //continue, break, error, report, apply, ignore
	Notifications []string          `yaml:"notifications,omitempty"`
}

Profile structure(s) are used by the local API to "decide" what kind of decision should be applied when a scenario with an active remediation has been triggered

type PrometheusCfg added in v1.0.0

type PrometheusCfg struct {
	Enabled    bool   `yaml:"enabled"`
	Level      string `yaml:"level"` //aggregated|full
	ListenAddr string `yaml:"listen_addr"`
	ListenPort int    `yaml:"listen_port"`
}

type SimulationConfig added in v0.3.0

type SimulationConfig struct {
	Simulation *bool    `yaml:"simulation"`
	Exclusions []string `yaml:"exclusions,omitempty"`
}

func (*SimulationConfig) IsSimulated added in v1.0.0

func (s *SimulationConfig) IsSimulated(scenario string) bool

type TLSCfg added in v1.0.0

type TLSCfg struct {
	CertFilePath       string         `yaml:"cert_file"`
	KeyFilePath        string         `yaml:"key_file"`
	ClientVerification string         `yaml:"client_verification,omitempty"`
	ServerName         string         `yaml:"server_name"`
	CACertPath         string         `yaml:"ca_cert_path"`
	AllowedAgentsOU    []string       `yaml:"agents_allowed_ou"`
	AllowedBouncersOU  []string       `yaml:"bouncers_allowed_ou"`
	CRLPath            string         `yaml:"crl_path"`
	CacheExpiration    *time.Duration `yaml:"cache_expiration,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL