Documentation ¶
Index ¶
- Constants
- Variables
- func DefaultConfigPath(elem ...string) string
- func DefaultDataPath(elem ...string) string
- func GetFeatureFilePath(configPath string) string
- func ListFeatureFlags() string
- func LoadFeatureFlagsEnv(logger *log.Logger) error
- func LoadFeatureFlagsFile(configPath string, logger *log.Logger) error
- type APICfg
- type ApiCredentialsCfg
- type AuthGCCfg
- type CTICfg
- type CapiWhitelist
- type CommonCfg
- type Config
- type ConfigurationPaths
- type ConsoleConfig
- type CrowdsecServiceCfg
- type CscliCfg
- type DatabaseCfg
- type FlushDBCfg
- type LocalApiClientCfg
- type LocalApiServerCfg
- type LocalHubCfg
- type OnlineApiClientCfg
- type PluginCfg
- type ProfileCfg
- type PrometheusCfg
- type SimulationConfig
- type TLSCfg
Constants ¶
const ( SEND_CUSTOM_SCENARIOS = "custom" SEND_TAINTED_SCENARIOS = "tainted" SEND_MANUAL_SCENARIOS = "manual" CONSOLE_MANAGEMENT = "console_management" SEND_CONTEXT = "context" )
const (
DEFAULT_MAX_OPEN_CONNS = 100
)
Variables ¶
var CONSOLE_CONFIGS = []string{SEND_CUSTOM_SCENARIOS, SEND_MANUAL_SCENARIOS, SEND_TAINTED_SCENARIOS, SEND_CONTEXT, CONSOLE_MANAGEMENT}
var DefaultConsoleConfigFilePath = DefaultConfigPath("console.yaml")
Functions ¶
func DefaultConfigPath ¶ added in v1.3.1
DefaultConfigPath returns the default path for a configuration resource "elem" parameters are path components relative to the default cfg directory.
func DefaultDataPath ¶ added in v1.3.1
DefaultDataPath returns the default path for a data resource. "elem" parameters are path components relative to the default data directory.
func GetFeatureFilePath ¶ added in v1.5.5
FeatureFlagsFileLocation returns the path to the feature.yaml file. The file is in the same directory as config.yaml, which is provided as the fist parameter. This can be different than ConfigPaths.ConfigDir because we have not read config.yaml yet so we don't know the value of ConfigDir.
func ListFeatureFlags ¶ added in v1.5.0
func ListFeatureFlags() string
ListFeatureFlags returns a list of the enabled feature flags.
func LoadFeatureFlagsEnv ¶ added in v1.5.0
LoadFeatureFlagsEnv parses the environment variables to enable feature flags.
Types ¶
type APICfg ¶ added in v1.0.0
type APICfg struct { Client *LocalApiClientCfg `yaml:"client"` Server *LocalApiServerCfg `yaml:"server"` CTI *CTICfg `yaml:"cti"` }
type ApiCredentialsCfg ¶ added in v1.0.0
type ApiCredentialsCfg struct { PapiURL string `yaml:"papi_url,omitempty" json:"papi_url,omitempty"` URL string `yaml:"url,omitempty" json:"url,omitempty"` Login string `yaml:"login,omitempty" json:"login,omitempty"` Password string `yaml:"password,omitempty" json:"-"` CACertPath string `yaml:"ca_cert_path,omitempty"` KeyPath string `yaml:"key_path,omitempty"` CertPath string `yaml:"cert_path,omitempty"` }
type CTICfg ¶ added in v1.5.0
type CapiWhitelist ¶ added in v1.5.0
type CommonCfg ¶ added in v1.0.0
type CommonCfg struct { Daemonize bool PidDir string `yaml:"pid_dir,omitempty"` // TODO: This is just for backward compat. Remove this later LogMedia string `yaml:"log_media"` LogDir string `yaml:"log_dir,omitempty"` //if LogMedia = file LogLevel *log.Level `yaml:"log_level"` WorkingDir string `yaml:"working_dir,omitempty"` // TODO: This is just for backward compat. Remove this later CompressLogs *bool `yaml:"compress_logs,omitempty"` LogMaxSize int `yaml:"log_max_size,omitempty"` LogMaxAge int `yaml:"log_max_age,omitempty"` LogMaxFiles int `yaml:"log_max_files,omitempty"` ForceColorLogs bool `yaml:"force_color_logs,omitempty"` }
daemonization/service related stuff
type Config ¶ added in v1.0.10
type Config struct { //just a path to ourselves :p FilePath *string `yaml:"-"` Self []byte `yaml:"-"` Common *CommonCfg `yaml:"common,omitempty"` Prometheus *PrometheusCfg `yaml:"prometheus,omitempty"` Crowdsec *CrowdsecServiceCfg `yaml:"crowdsec_service,omitempty"` Cscli *CscliCfg `yaml:"cscli,omitempty"` DbConfig *DatabaseCfg `yaml:"db_config,omitempty"` API *APICfg `yaml:"api,omitempty"` ConfigPaths *ConfigurationPaths `yaml:"config_paths,omitempty"` PluginConfig *PluginCfg `yaml:"plugin_config,omitempty"` DisableAPI bool `yaml:"-"` DisableAgent bool `yaml:"-"` Hub *LocalHubCfg `yaml:"-"` }
Config contains top-level defaults -> overridden by configuration file -> overridden by CLI flags
func NewDefaultConfig ¶ added in v1.0.0
func NewDefaultConfig() *Config
func (*Config) LoadAPIClient ¶ added in v1.0.10
func (*Config) LoadAPIServer ¶ added in v1.0.10
func (*Config) LoadCrowdsec ¶ added in v1.0.10
func (*Config) LoadDBConfig ¶ added in v1.0.10
func (*Config) LoadSimulation ¶ added in v1.0.10
type ConfigurationPaths ¶ added in v1.0.0
type ConfigurationPaths struct { ConfigDir string `yaml:"config_dir"` DataDir string `yaml:"data_dir,omitempty"` SimulationFilePath string `yaml:"simulation_path,omitempty"` HubIndexFile string `yaml:"index_path,omitempty"` //path of the .index.json HubDir string `yaml:"hub_dir,omitempty"` PluginDir string `yaml:"plugin_dir,omitempty"` NotificationDir string `yaml:"notification_dir,omitempty"` }
type ConsoleConfig ¶ added in v1.3.0
type ConsoleConfig struct { ConsoleManagement *bool `yaml:"console_management"` }
type CrowdsecServiceCfg ¶ added in v1.0.0
type CrowdsecServiceCfg struct { Enable *bool `yaml:"enable"` AcquisitionFilePath string `yaml:"acquisition_path,omitempty"` AcquisitionDirPath string `yaml:"acquisition_dir,omitempty"` ConsoleContextPath string `yaml:"console_context_path"` ConsoleContextValueLength int `yaml:"console_context_value_length"` AcquisitionFiles []string `yaml:"-"` ParserRoutinesCount int `yaml:"parser_routines"` BucketsRoutinesCount int `yaml:"buckets_routines"` OutputRoutinesCount int `yaml:"output_routines"` SimulationConfig *SimulationConfig `yaml:"-"` BucketStateFile string `yaml:"state_input_file,omitempty"` // if we need to unserialize buckets at start BucketStateDumpDir string `yaml:"state_output_dir,omitempty"` // if we need to unserialize buckets on shutdown BucketsGCEnabled bool `yaml:"-"` // we need to garbage collect buckets when in forensic mode SimulationFilePath string `yaml:"-"` ContextToSend map[string][]string `yaml:"-"` }
CrowdsecServiceCfg contains the location of parsers/scenarios/... and acquisition files
func (*CrowdsecServiceCfg) DumpContextConfigFile ¶ added in v1.5.0
func (c *CrowdsecServiceCfg) DumpContextConfigFile() error
type CscliCfg ¶ added in v1.0.0
type CscliCfg struct { Output string `yaml:"output,omitempty"` Color string `yaml:"color,omitempty"` HubBranch string `yaml:"hub_branch"` SimulationConfig *SimulationConfig `yaml:"-"` DbConfig *DatabaseCfg `yaml:"-"` SimulationFilePath string `yaml:"-"` PrometheusUrl string `yaml:"prometheus_uri"` }
cscli specific config, such as hub directory
type DatabaseCfg ¶ added in v1.0.0
type DatabaseCfg struct { User string `yaml:"user"` Password string `yaml:"password"` DbName string `yaml:"db_name"` Sslmode string `yaml:"sslmode"` Host string `yaml:"host"` Port int `yaml:"port"` DbPath string `yaml:"db_path"` Type string `yaml:"type"` Flush *FlushDBCfg `yaml:"flush"` LogLevel *log.Level `yaml:"log_level"` MaxOpenConns *int `yaml:"max_open_conns,omitempty"` UseWal *bool `yaml:"use_wal,omitempty"` DecisionBulkSize int `yaml:"decision_bulk_size,omitempty"` }
func (*DatabaseCfg) ConnectionDialect ¶ added in v1.5.0
func (d *DatabaseCfg) ConnectionDialect() (string, string, error)
func (*DatabaseCfg) ConnectionString ¶ added in v1.5.0
func (d *DatabaseCfg) ConnectionString() string
type FlushDBCfg ¶ added in v1.0.0
type LocalApiClientCfg ¶ added in v1.0.0
type LocalApiClientCfg struct { CredentialsFilePath string `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file Credentials *ApiCredentialsCfg `yaml:"-"` InsecureSkipVerify *bool `yaml:"insecure_skip_verify"` // check if api certificate is bad or not }
local api config (for crowdsec/cscli->lapi)
func (*LocalApiClientCfg) Load ¶ added in v1.0.10
func (l *LocalApiClientCfg) Load() error
type LocalApiServerCfg ¶ added in v1.0.0
type LocalApiServerCfg struct { Enable *bool `yaml:"enable"` ListenURI string `yaml:"listen_uri,omitempty"` // 127.0.0.1:8080 TLS *TLSCfg `yaml:"tls"` DbConfig *DatabaseCfg `yaml:"-"` LogDir string `yaml:"-"` LogMedia string `yaml:"-"` OnlineClient *OnlineApiClientCfg `yaml:"online_client"` ProfilesPath string `yaml:"profiles_path,omitempty"` ConsoleConfigPath string `yaml:"console_path,omitempty"` ConsoleConfig *ConsoleConfig `yaml:"-"` Profiles []*ProfileCfg `yaml:"-"` LogLevel *log.Level `yaml:"log_level"` UseForwardedForHeaders bool `yaml:"use_forwarded_for_headers,omitempty"` TrustedProxies *[]string `yaml:"trusted_proxies,omitempty"` CompressLogs *bool `yaml:"-"` LogMaxSize int `yaml:"-"` LogMaxAge int `yaml:"-"` LogMaxFiles int `yaml:"-"` TrustedIPs []string `yaml:"trusted_ips,omitempty"` PapiLogLevel *log.Level `yaml:"papi_log_level"` DisableRemoteLapiRegistration bool `yaml:"disable_remote_lapi_registration,omitempty"` CapiWhitelistsPath string `yaml:"capi_whitelists_path,omitempty"` CapiWhitelists *CapiWhitelist `yaml:"-"` }
local api service configuration
func (*LocalApiServerCfg) GetTrustedIPs ¶ added in v1.3.3
func (lapiCfg *LocalApiServerCfg) GetTrustedIPs() ([]net.IPNet, error)
func (*LocalApiServerCfg) LoadCapiWhitelists ¶ added in v1.5.0
func (s *LocalApiServerCfg) LoadCapiWhitelists() error
func (*LocalApiServerCfg) LoadConsoleConfig ¶ added in v1.3.0
func (c *LocalApiServerCfg) LoadConsoleConfig() error
func (*LocalApiServerCfg) LoadProfiles ¶ added in v1.0.0
func (c *LocalApiServerCfg) LoadProfiles() error
type LocalHubCfg ¶ added in v1.6.0
type LocalHubCfg struct { HubIndexFile string // Path to the local index file HubDir string // Where the hub items are downloaded InstallDir string // Where to install items InstallDataDir string // Where to install data }
LocalHubCfg holds the configuration for a local hub: where to download etc.
type OnlineApiClientCfg ¶ added in v1.0.0
type OnlineApiClientCfg struct { CredentialsFilePath string `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file Credentials *ApiCredentialsCfg `yaml:"-"` }
global api config (for lapi->oapi)
func (*OnlineApiClientCfg) Load ¶ added in v1.0.10
func (o *OnlineApiClientCfg) Load() error
type ProfileCfg ¶ added in v1.0.0
type ProfileCfg struct { Name string `yaml:"name,omitempty"` Debug *bool `yaml:"debug,omitempty"` Filters []string `yaml:"filters,omitempty"` //A list of OR'ed expressions. the models.Alert object Decisions []models.Decision `yaml:"decisions,omitempty"` DurationExpr string `yaml:"duration_expr,omitempty"` OnSuccess string `yaml:"on_success,omitempty"` //continue or break OnFailure string `yaml:"on_failure,omitempty"` //continue or break OnError string `yaml:"on_error,omitempty"` //continue, break, error, report, apply, ignore Notifications []string `yaml:"notifications,omitempty"` }
Profile structure(s) are used by the local API to "decide" what kind of decision should be applied when a scenario with an active remediation has been triggered
type PrometheusCfg ¶ added in v1.0.0
type SimulationConfig ¶ added in v0.3.0
type SimulationConfig struct { Simulation *bool `yaml:"simulation"` Exclusions []string `yaml:"exclusions,omitempty"` }
func (*SimulationConfig) IsSimulated ¶ added in v1.0.0
func (s *SimulationConfig) IsSimulated(scenario string) bool
type TLSCfg ¶ added in v1.0.0
type TLSCfg struct { CertFilePath string `yaml:"cert_file"` KeyFilePath string `yaml:"key_file"` ClientVerification string `yaml:"client_verification,omitempty"` ServerName string `yaml:"server_name"` CACertPath string `yaml:"ca_cert_path"` AllowedAgentsOU []string `yaml:"agents_allowed_ou"` AllowedBouncersOU []string `yaml:"bouncers_allowed_ou"` CRLPath string `yaml:"crl_path"` CacheExpiration *time.Duration `yaml:"cache_expiration,omitempty"` }