csconfig

package
v1.5.6-rc2 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Dec 8, 2023 License: MIT Imports: 20 Imported by: 1

Documentation

Index

Constants

View Source
const (
	SEND_CUSTOM_SCENARIOS  = "custom"
	SEND_TAINTED_SCENARIOS = "tainted"
	SEND_MANUAL_SCENARIOS  = "manual"
	CONSOLE_MANAGEMENT     = "console_management"
	SEND_CONTEXT           = "context"
)
View Source
const (
	DEFAULT_MAX_OPEN_CONNS = 100
)

Variables

View Source
var DefaultConsoleConfigFilePath = DefaultConfigPath("console.yaml")

Functions

func DefaultConfigPath added in v1.3.1

func DefaultConfigPath(elem ...string) string

DefaultConfigPath returns the default path for a configuration resource "elem" parameters are path components relative to the default cfg directory.

func DefaultDataPath added in v1.3.1

func DefaultDataPath(elem ...string) string

DefaultDataPath returns the default path for a data resource. "elem" parameters are path components relative to the default data directory.

func GetFeatureFilePath added in v1.5.5

func GetFeatureFilePath(configPath string) string

FeatureFlagsFileLocation returns the path to the feature.yaml file. The file is in the same directory as config.yaml, which is provided as the fist parameter. This can be different than ConfigPaths.ConfigDir because we have not read config.yaml yet so we don't know the value of ConfigDir.

func ListFeatureFlags added in v1.5.0

func ListFeatureFlags() string

ListFeatureFlags returns a list of the enabled feature flags.

func LoadFeatureFlagsEnv added in v1.5.0

func LoadFeatureFlagsEnv(logger *log.Logger) error

LoadFeatureFlagsEnv parses the environment variables to enable feature flags.

func LoadFeatureFlagsFile added in v1.5.0

func LoadFeatureFlagsFile(configPath string, logger *log.Logger) error

LoadFeatureFlags parses feature.yaml to enable feature flags.

Types

type APICfg added in v1.0.0

type APICfg struct {
	Client *LocalApiClientCfg `yaml:"client"`
	Server *LocalApiServerCfg `yaml:"server"`
	CTI    *CTICfg            `yaml:"cti"`
}

type ApiCredentialsCfg added in v1.0.0

type ApiCredentialsCfg struct {
	PapiURL    string `yaml:"papi_url,omitempty" json:"papi_url,omitempty"`
	URL        string `yaml:"url,omitempty" json:"url,omitempty"`
	Login      string `yaml:"login,omitempty" json:"login,omitempty"`
	Password   string `yaml:"password,omitempty" json:"-"`
	CACertPath string `yaml:"ca_cert_path,omitempty"`
	KeyPath    string `yaml:"key_path,omitempty"`
	CertPath   string `yaml:"cert_path,omitempty"`
}

type AuthGCCfg added in v1.4.0

type AuthGCCfg struct {
	Cert                  *string `yaml:"cert,omitempty"`
	CertDuration          *time.Duration
	Api                   *string `yaml:"api_key,omitempty"`
	ApiDuration           *time.Duration
	LoginPassword         *string `yaml:"login_password,omitempty"`
	LoginPasswordDuration *time.Duration
}

type CTICfg added in v1.5.0

type CTICfg struct {
	Key          *string        `yaml:"key,omitempty"`
	CacheTimeout *time.Duration `yaml:"cache_timeout,omitempty"`
	CacheSize    *int           `yaml:"cache_size,omitempty"`
	Enabled      *bool          `yaml:"enabled,omitempty"`
	LogLevel     *log.Level     `yaml:"log_level,omitempty"`
}

func (*CTICfg) Load added in v1.5.0

func (a *CTICfg) Load() error

type CapiWhitelist added in v1.5.0

type CapiWhitelist struct {
	Ips   []net.IP     `yaml:"ips,omitempty"`
	Cidrs []*net.IPNet `yaml:"cidrs,omitempty"`
}

type CommonCfg added in v1.0.0

type CommonCfg struct {
	Daemonize      bool
	PidDir         string     `yaml:"pid_dir,omitempty"` // TODO: This is just for backward compat. Remove this later
	LogMedia       string     `yaml:"log_media"`
	LogDir         string     `yaml:"log_dir,omitempty"` //if LogMedia = file
	LogLevel       *log.Level `yaml:"log_level"`
	WorkingDir     string     `yaml:"working_dir,omitempty"` // TODO: This is just for backward compat. Remove this later
	CompressLogs   *bool      `yaml:"compress_logs,omitempty"`
	LogMaxSize     int        `yaml:"log_max_size,omitempty"`
	LogMaxAge      int        `yaml:"log_max_age,omitempty"`
	LogMaxFiles    int        `yaml:"log_max_files,omitempty"`
	ForceColorLogs bool       `yaml:"force_color_logs,omitempty"`
}

daemonization/service related stuff

type Config added in v1.0.10

type Config struct {
	//just a path to ourselves :p
	FilePath     *string             `yaml:"-"`
	Self         []byte              `yaml:"-"`
	Common       *CommonCfg          `yaml:"common,omitempty"`
	Prometheus   *PrometheusCfg      `yaml:"prometheus,omitempty"`
	Crowdsec     *CrowdsecServiceCfg `yaml:"crowdsec_service,omitempty"`
	Cscli        *CscliCfg           `yaml:"cscli,omitempty"`
	DbConfig     *DatabaseCfg        `yaml:"db_config,omitempty"`
	API          *APICfg             `yaml:"api,omitempty"`
	ConfigPaths  *ConfigurationPaths `yaml:"config_paths,omitempty"`
	PluginConfig *PluginCfg          `yaml:"plugin_config,omitempty"`
	DisableAPI   bool                `yaml:"-"`
	DisableAgent bool                `yaml:"-"`
	Hub          *LocalHubCfg        `yaml:"-"`
}

Config contains top-level defaults -> overridden by configuration file -> overridden by CLI flags

func GetConfig added in v1.6.0

func GetConfig() Config

func NewConfig added in v1.0.0

func NewConfig(configFile string, disableAgent bool, disableAPI bool, quiet bool) (*Config, string, error)

func NewDefaultConfig added in v1.0.0

func NewDefaultConfig() *Config

func (*Config) LoadAPIClient added in v1.0.10

func (c *Config) LoadAPIClient() error

func (*Config) LoadAPIServer added in v1.0.10

func (c *Config) LoadAPIServer() error

func (*Config) LoadCrowdsec added in v1.0.10

func (c *Config) LoadCrowdsec() error

func (*Config) LoadDBConfig added in v1.0.10

func (c *Config) LoadDBConfig() error

func (*Config) LoadSimulation added in v1.0.10

func (c *Config) LoadSimulation() error

type ConfigurationPaths added in v1.0.0

type ConfigurationPaths struct {
	ConfigDir          string `yaml:"config_dir"`
	DataDir            string `yaml:"data_dir,omitempty"`
	SimulationFilePath string `yaml:"simulation_path,omitempty"`
	HubIndexFile       string `yaml:"index_path,omitempty"` //path of the .index.json
	HubDir             string `yaml:"hub_dir,omitempty"`
	PluginDir          string `yaml:"plugin_dir,omitempty"`
	NotificationDir    string `yaml:"notification_dir,omitempty"`
}

type ConsoleConfig added in v1.3.0

type ConsoleConfig struct {
	ShareManualDecisions  *bool `yaml:"share_manual_decisions"`
	ShareTaintedScenarios *bool `yaml:"share_tainted"`
	ShareCustomScenarios  *bool `yaml:"share_custom"`
	ConsoleManagement     *bool `yaml:"console_management"`
	ShareContext          *bool `yaml:"share_context"`
}

type CrowdsecServiceCfg added in v1.0.0

type CrowdsecServiceCfg struct {
	Enable                    *bool             `yaml:"enable"`
	AcquisitionFilePath       string            `yaml:"acquisition_path,omitempty"`
	AcquisitionDirPath        string            `yaml:"acquisition_dir,omitempty"`
	ConsoleContextPath        string            `yaml:"console_context_path"`
	ConsoleContextValueLength int               `yaml:"console_context_value_length"`
	AcquisitionFiles          []string          `yaml:"-"`
	ParserRoutinesCount       int               `yaml:"parser_routines"`
	BucketsRoutinesCount      int               `yaml:"buckets_routines"`
	OutputRoutinesCount       int               `yaml:"output_routines"`
	SimulationConfig          *SimulationConfig `yaml:"-"`
	BucketStateFile           string            `yaml:"state_input_file,omitempty"` // if we need to unserialize buckets at start
	BucketStateDumpDir        string            `yaml:"state_output_dir,omitempty"` // if we need to unserialize buckets on shutdown
	BucketsGCEnabled          bool              `yaml:"-"`                          // we need to garbage collect buckets when in forensic mode

	SimulationFilePath string              `yaml:"-"`
	ContextToSend      map[string][]string `yaml:"-"`
}

CrowdsecServiceCfg contains the location of parsers/scenarios/... and acquisition files

func (*CrowdsecServiceCfg) DumpContextConfigFile added in v1.5.0

func (c *CrowdsecServiceCfg) DumpContextConfigFile() error

type CscliCfg added in v1.0.0

type CscliCfg struct {
	Output           string            `yaml:"output,omitempty"`
	Color            string            `yaml:"color,omitempty"`
	HubBranch        string            `yaml:"hub_branch"`
	SimulationConfig *SimulationConfig `yaml:"-"`
	DbConfig         *DatabaseCfg      `yaml:"-"`

	SimulationFilePath string `yaml:"-"`
	PrometheusUrl      string `yaml:"prometheus_uri"`
}

cscli specific config, such as hub directory

type DatabaseCfg added in v1.0.0

type DatabaseCfg struct {
	User             string      `yaml:"user"`
	Password         string      `yaml:"password"`
	DbName           string      `yaml:"db_name"`
	Sslmode          string      `yaml:"sslmode"`
	Host             string      `yaml:"host"`
	Port             int         `yaml:"port"`
	DbPath           string      `yaml:"db_path"`
	Type             string      `yaml:"type"`
	Flush            *FlushDBCfg `yaml:"flush"`
	LogLevel         *log.Level  `yaml:"log_level"`
	MaxOpenConns     *int        `yaml:"max_open_conns,omitempty"`
	UseWal           *bool       `yaml:"use_wal,omitempty"`
	DecisionBulkSize int         `yaml:"decision_bulk_size,omitempty"`
}

func (*DatabaseCfg) ConnectionDialect added in v1.5.0

func (d *DatabaseCfg) ConnectionDialect() (string, string, error)

func (*DatabaseCfg) ConnectionString added in v1.5.0

func (d *DatabaseCfg) ConnectionString() string

type FlushDBCfg added in v1.0.0

type FlushDBCfg struct {
	MaxItems   *int       `yaml:"max_items,omitempty"`
	MaxAge     *string    `yaml:"max_age,omitempty"`
	BouncersGC *AuthGCCfg `yaml:"bouncers_autodelete,omitempty"`
	AgentsGC   *AuthGCCfg `yaml:"agents_autodelete,omitempty"`
}

type LocalApiClientCfg added in v1.0.0

type LocalApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
	InsecureSkipVerify  *bool              `yaml:"insecure_skip_verify"` // check if api certificate is bad or not
}

local api config (for crowdsec/cscli->lapi)

func (*LocalApiClientCfg) Load added in v1.0.10

func (l *LocalApiClientCfg) Load() error

type LocalApiServerCfg added in v1.0.0

type LocalApiServerCfg struct {
	Enable                        *bool               `yaml:"enable"`
	ListenURI                     string              `yaml:"listen_uri,omitempty"` // 127.0.0.1:8080
	TLS                           *TLSCfg             `yaml:"tls"`
	DbConfig                      *DatabaseCfg        `yaml:"-"`
	LogDir                        string              `yaml:"-"`
	LogMedia                      string              `yaml:"-"`
	OnlineClient                  *OnlineApiClientCfg `yaml:"online_client"`
	ProfilesPath                  string              `yaml:"profiles_path,omitempty"`
	ConsoleConfigPath             string              `yaml:"console_path,omitempty"`
	ConsoleConfig                 *ConsoleConfig      `yaml:"-"`
	Profiles                      []*ProfileCfg       `yaml:"-"`
	LogLevel                      *log.Level          `yaml:"log_level"`
	UseForwardedForHeaders        bool                `yaml:"use_forwarded_for_headers,omitempty"`
	TrustedProxies                *[]string           `yaml:"trusted_proxies,omitempty"`
	CompressLogs                  *bool               `yaml:"-"`
	LogMaxSize                    int                 `yaml:"-"`
	LogMaxAge                     int                 `yaml:"-"`
	LogMaxFiles                   int                 `yaml:"-"`
	TrustedIPs                    []string            `yaml:"trusted_ips,omitempty"`
	PapiLogLevel                  *log.Level          `yaml:"papi_log_level"`
	DisableRemoteLapiRegistration bool                `yaml:"disable_remote_lapi_registration,omitempty"`
	CapiWhitelistsPath            string              `yaml:"capi_whitelists_path,omitempty"`
	CapiWhitelists                *CapiWhitelist      `yaml:"-"`
}

local api service configuration

func (*LocalApiServerCfg) GetTrustedIPs added in v1.3.3

func (lapiCfg *LocalApiServerCfg) GetTrustedIPs() ([]net.IPNet, error)

func (*LocalApiServerCfg) LoadCapiWhitelists added in v1.5.0

func (s *LocalApiServerCfg) LoadCapiWhitelists() error

func (*LocalApiServerCfg) LoadConsoleConfig added in v1.3.0

func (c *LocalApiServerCfg) LoadConsoleConfig() error

func (*LocalApiServerCfg) LoadProfiles added in v1.0.0

func (c *LocalApiServerCfg) LoadProfiles() error

type LocalHubCfg added in v1.6.0

type LocalHubCfg struct {
	HubIndexFile   string // Path to the local index file
	HubDir         string // Where the hub items are downloaded
	InstallDir     string // Where to install items
	InstallDataDir string // Where to install data
}

LocalHubCfg holds the configuration for a local hub: where to download etc.

type OnlineApiClientCfg added in v1.0.0

type OnlineApiClientCfg struct {
	CredentialsFilePath string             `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file
	Credentials         *ApiCredentialsCfg `yaml:"-"`
}

global api config (for lapi->oapi)

func (*OnlineApiClientCfg) Load added in v1.0.10

func (o *OnlineApiClientCfg) Load() error

type PluginCfg added in v1.2.0

type PluginCfg struct {
	User  string
	Group string
}

type ProfileCfg added in v1.0.0

type ProfileCfg struct {
	Name          string            `yaml:"name,omitempty"`
	Debug         *bool             `yaml:"debug,omitempty"`
	Filters       []string          `yaml:"filters,omitempty"` //A list of OR'ed expressions. the models.Alert object
	Decisions     []models.Decision `yaml:"decisions,omitempty"`
	DurationExpr  string            `yaml:"duration_expr,omitempty"`
	OnSuccess     string            `yaml:"on_success,omitempty"` //continue or break
	OnFailure     string            `yaml:"on_failure,omitempty"` //continue or break
	OnError       string            `yaml:"on_error,omitempty"`   //continue, break, error, report, apply, ignore
	Notifications []string          `yaml:"notifications,omitempty"`
}

Profile structure(s) are used by the local API to "decide" what kind of decision should be applied when a scenario with an active remediation has been triggered

type PrometheusCfg added in v1.0.0

type PrometheusCfg struct {
	Enabled    bool   `yaml:"enabled"`
	Level      string `yaml:"level"` //aggregated|full
	ListenAddr string `yaml:"listen_addr"`
	ListenPort int    `yaml:"listen_port"`
}

type SimulationConfig added in v0.3.0

type SimulationConfig struct {
	Simulation *bool    `yaml:"simulation"`
	Exclusions []string `yaml:"exclusions,omitempty"`
}

func (*SimulationConfig) IsSimulated added in v1.0.0

func (s *SimulationConfig) IsSimulated(scenario string) bool

type TLSCfg added in v1.0.0

type TLSCfg struct {
	CertFilePath       string         `yaml:"cert_file"`
	KeyFilePath        string         `yaml:"key_file"`
	ClientVerification string         `yaml:"client_verification,omitempty"`
	ServerName         string         `yaml:"server_name"`
	CACertPath         string         `yaml:"ca_cert_path"`
	AllowedAgentsOU    []string       `yaml:"agents_allowed_ou"`
	AllowedBouncersOU  []string       `yaml:"bouncers_allowed_ou"`
	CRLPath            string         `yaml:"crl_path"`
	CacheExpiration    *time.Duration `yaml:"cache_expiration,omitempty"`
}

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL