Documentation
¶
Overview ¶
Package csconfig contains the configuration structures for crowdsec and cscli.
Index ¶
- Constants
- Variables
- func DefaultConfigPath(elem ...string) string
- func DefaultDataPath(elem ...string) string
- func GetFeatureFilePath(configPath string) string
- func ListFeatureFlags() string
- func LoadFeatureFlagsEnv(logger *log.Logger) error
- func LoadFeatureFlagsFile(configPath string, logger *log.Logger) error
- type APICfg
- type ApiCredentialsCfg
- type AuthGCCfg
- type CTICfg
- type CapiWhitelist
- type CommonCfg
- type Config
- type ConfigurationPaths
- type ConsoleConfig
- type CrowdsecServiceCfg
- type CscliCfg
- type DatabaseCfg
- type FlushDBCfg
- type LocalAPIAutoRegisterCfg
- type LocalApiClientCfg
- type LocalApiServerCfg
- func (c *LocalApiServerCfg) ClientURL() string
- func (c *LocalApiServerCfg) GetTrustedIPs() ([]net.IPNet, error)
- func (c *LocalApiServerCfg) LoadAutoRegister() error
- func (c *LocalApiServerCfg) LoadCapiWhitelists() error
- func (c *LocalApiServerCfg) LoadConsoleConfig() error
- func (c *LocalApiServerCfg) LoadProfiles() error
- type LocalHubCfg
- type OnlineApiClientCfg
- type PluginCfg
- type ProfileCfg
- type PrometheusCfg
- type SimulationConfig
- type TLSCfg
Constants ¶
View Source
const ( SEND_CUSTOM_SCENARIOS = "custom" SEND_TAINTED_SCENARIOS = "tainted" SEND_MANUAL_SCENARIOS = "manual" CONSOLE_MANAGEMENT = "console_management" SEND_CONTEXT = "context" )
View Source
const (
DEFAULT_MAX_OPEN_CONNS = 100
)
Variables ¶
View Source
var CONSOLE_CONFIGS = []string{SEND_CUSTOM_SCENARIOS, SEND_MANUAL_SCENARIOS, SEND_TAINTED_SCENARIOS, SEND_CONTEXT, CONSOLE_MANAGEMENT}
View Source
var CONSOLE_CONFIGS_HELP = map[string]string{ SEND_CUSTOM_SCENARIOS: "Forward alerts from custom scenarios to the console", SEND_MANUAL_SCENARIOS: "Forward manual decisions to the console", SEND_TAINTED_SCENARIOS: "Forward alerts from tainted scenarios to the console", SEND_CONTEXT: "Forward context with alerts to the console", CONSOLE_MANAGEMENT: "Receive decisions from console", }
View Source
var DefaultConsoleConfigFilePath = DefaultConfigPath("console.yaml")
Functions ¶
func DefaultConfigPath ¶ added in v1.3.1
DefaultConfigPath returns the default path for a configuration resource "elem" parameters are path components relative to the default cfg directory.
func DefaultDataPath ¶ added in v1.3.1
DefaultDataPath returns the default path for a data resource. "elem" parameters are path components relative to the default data directory.
func GetFeatureFilePath ¶ added in v1.5.5
FeatureFlagsFileLocation returns the path to the feature.yaml file. The file is in the same directory as config.yaml, which is provided as the fist parameter. This can be different than ConfigPaths.ConfigDir because we have not read config.yaml yet so we don't know the value of ConfigDir.
func ListFeatureFlags ¶ added in v1.5.0
func ListFeatureFlags() string
ListFeatureFlags returns a list of the enabled feature flags.
func LoadFeatureFlagsEnv ¶ added in v1.5.0
LoadFeatureFlagsEnv parses the environment variables to enable feature flags.
Types ¶
type APICfg ¶ added in v1.0.0
type APICfg struct {
Client *LocalApiClientCfg `yaml:"client"`
Server *LocalApiServerCfg `yaml:"server"`
CTI *CTICfg `yaml:"cti"`
}
type ApiCredentialsCfg ¶ added in v1.0.0
type ApiCredentialsCfg struct {
PapiURL string `yaml:"papi_url,omitempty" json:"papi_url,omitempty"`
URL string `yaml:"url,omitempty" json:"url,omitempty"`
Login string `yaml:"login,omitempty" json:"login,omitempty"`
Password string `yaml:"password,omitempty" json:"-"`
CACertPath string `yaml:"ca_cert_path,omitempty"`
KeyPath string `yaml:"key_path,omitempty"`
CertPath string `yaml:"cert_path,omitempty"`
}
type CTICfg ¶ added in v1.5.0
type CapiWhitelist ¶ added in v1.5.0
type CommonCfg ¶ added in v1.0.0
type CommonCfg struct {
Daemonize bool
PidDir string `yaml:"pid_dir,omitempty"` // TODO: This is just for backward compat. Remove this later
LogMedia string `yaml:"log_media"`
LogDir string `yaml:"log_dir,omitempty"` //if LogMedia = file
LogLevel *log.Level `yaml:"log_level"`
WorkingDir string `yaml:"working_dir,omitempty"` // TODO: This is just for backward compat. Remove this later
CompressLogs *bool `yaml:"compress_logs,omitempty"`
LogMaxSize int `yaml:"log_max_size,omitempty"`
LogMaxAge int `yaml:"log_max_age,omitempty"`
LogMaxFiles int `yaml:"log_max_files,omitempty"`
ForceColorLogs bool `yaml:"force_color_logs,omitempty"`
}
daemonization/service related stuff
type Config ¶ added in v1.0.10
type Config struct {
// just a path to ourselves :p
FilePath *string `yaml:"-"`
Self []byte `yaml:"-"`
Common *CommonCfg `yaml:"common,omitempty"`
Prometheus *PrometheusCfg `yaml:"prometheus,omitempty"`
Crowdsec *CrowdsecServiceCfg `yaml:"crowdsec_service,omitempty"`
Cscli *CscliCfg `yaml:"cscli,omitempty"`
DbConfig *DatabaseCfg `yaml:"db_config,omitempty"`
API *APICfg `yaml:"api,omitempty"`
ConfigPaths *ConfigurationPaths `yaml:"config_paths,omitempty"`
PluginConfig *PluginCfg `yaml:"plugin_config,omitempty"`
DisableAPI bool `yaml:"-"`
DisableAgent bool `yaml:"-"`
Hub *LocalHubCfg `yaml:"-"`
}
Config contains top-level defaults -> overridden by configuration file -> overridden by CLI flags
func NewDefaultConfig ¶ added in v1.0.0
func NewDefaultConfig() *Config
func (*Config) LoadAPIClient ¶ added in v1.0.10
func (*Config) LoadAPIServer ¶ added in v1.0.10
func (*Config) LoadCrowdsec ¶ added in v1.0.10
func (*Config) LoadDBConfig ¶ added in v1.0.10
func (*Config) LoadSimulation ¶ added in v1.0.10
type ConfigurationPaths ¶ added in v1.0.0
type ConfigurationPaths struct {
ConfigDir string `yaml:"config_dir"`
DataDir string `yaml:"data_dir,omitempty"`
SimulationFilePath string `yaml:"simulation_path,omitempty"`
HubIndexFile string `yaml:"index_path,omitempty"` //path of the .index.json
HubDir string `yaml:"hub_dir,omitempty"`
PluginDir string `yaml:"plugin_dir,omitempty"`
NotificationDir string `yaml:"notification_dir,omitempty"`
PatternDir string `yaml:"pattern_dir,omitempty"`
}
type ConsoleConfig ¶ added in v1.3.0
type ConsoleConfig struct {
ConsoleManagement *bool `yaml:"console_management"`
}
func (*ConsoleConfig) EnabledOptions ¶ added in v1.6.1
func (c *ConsoleConfig) EnabledOptions() []string
func (*ConsoleConfig) IsPAPIEnabled ¶ added in v1.6.0
func (c *ConsoleConfig) IsPAPIEnabled() bool
type CrowdsecServiceCfg ¶ added in v1.0.0
type CrowdsecServiceCfg struct {
Enable *bool `yaml:"enable"`
AcquisitionFilePath string `yaml:"acquisition_path,omitempty"`
AcquisitionDirPath string `yaml:"acquisition_dir,omitempty"`
ConsoleContextPath string `yaml:"console_context_path"`
ConsoleContextValueLength int `yaml:"console_context_value_length"`
AcquisitionFiles []string `yaml:"-"`
ParserRoutinesCount int `yaml:"parser_routines"`
BucketsRoutinesCount int `yaml:"buckets_routines"`
OutputRoutinesCount int `yaml:"output_routines"`
SimulationConfig *SimulationConfig `yaml:"-"`
BucketStateFile string `yaml:"state_input_file,omitempty"` // if we need to unserialize buckets at start
BucketStateDumpDir string `yaml:"state_output_dir,omitempty"` // if we need to unserialize buckets on shutdown
BucketsGCEnabled bool `yaml:"-"` // we need to garbage collect buckets when in forensic mode
SimulationFilePath string `yaml:"-"`
ContextToSend map[string][]string `yaml:"-"`
}
CrowdsecServiceCfg contains the location of parsers/scenarios/... and acquisition files
func (*CrowdsecServiceCfg) DumpContextConfigFile ¶ added in v1.5.0
func (c *CrowdsecServiceCfg) DumpContextConfigFile() error
type CscliCfg ¶ added in v1.0.0
type CscliCfg struct {
Output string `yaml:"output,omitempty"`
Color string `yaml:"color,omitempty"`
HubBranch string `yaml:"hub_branch"`
HubURLTemplate string `yaml:"__hub_url_template__,omitempty"`
SimulationConfig *SimulationConfig `yaml:"-"`
DbConfig *DatabaseCfg `yaml:"-"`
SimulationFilePath string `yaml:"-"`
PrometheusUrl string `yaml:"prometheus_uri"`
}
cscli specific config, such as hub directory
type DatabaseCfg ¶ added in v1.0.0
type DatabaseCfg struct {
User string `yaml:"user"`
Password string `yaml:"password"`
DbName string `yaml:"db_name"`
Sslmode string `yaml:"sslmode"`
Host string `yaml:"host"`
Port int `yaml:"port"`
DbPath string `yaml:"db_path"`
Type string `yaml:"type"`
Flush *FlushDBCfg `yaml:"flush"`
LogLevel *log.Level `yaml:"log_level"`
MaxOpenConns int `yaml:"max_open_conns,omitempty"`
UseWal *bool `yaml:"use_wal,omitempty"`
DecisionBulkSize int `yaml:"decision_bulk_size,omitempty"`
}
func (*DatabaseCfg) ConnectionDialect ¶ added in v1.5.0
func (d *DatabaseCfg) ConnectionDialect() (string, string, error)
func (*DatabaseCfg) ConnectionString ¶ added in v1.5.0
func (d *DatabaseCfg) ConnectionString() string
type FlushDBCfg ¶ added in v1.0.0
type FlushDBCfg struct {
MaxItems *int `yaml:"max_items,omitempty"`
// We could unmarshal as time.Duration, but alert filters right now are a map of strings
MaxAge *string `yaml:"max_age,omitempty"`
BouncersGC *AuthGCCfg `yaml:"bouncers_autodelete,omitempty"`
AgentsGC *AuthGCCfg `yaml:"agents_autodelete,omitempty"`
MetricsMaxAge *time.Duration `yaml:"metrics_max_age,omitempty"`
}
type LocalAPIAutoRegisterCfg ¶ added in v1.6.3
type LocalApiClientCfg ¶ added in v1.0.0
type LocalApiClientCfg struct {
CredentialsFilePath string `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file
Credentials *ApiCredentialsCfg `yaml:"-"`
InsecureSkipVerify *bool `yaml:"insecure_skip_verify"` // check if api certificate is bad or not
}
local api config (for crowdsec/cscli->lapi)
func (*LocalApiClientCfg) Load ¶ added in v1.0.10
func (l *LocalApiClientCfg) Load() error
type LocalApiServerCfg ¶ added in v1.0.0
type LocalApiServerCfg struct {
Enable *bool `yaml:"enable"`
ListenURI string `yaml:"listen_uri,omitempty"` // 127.0.0.1:8080
ListenSocket string `yaml:"listen_socket,omitempty"`
TLS *TLSCfg `yaml:"tls"`
DbConfig *DatabaseCfg `yaml:"-"`
LogDir string `yaml:"-"`
LogMedia string `yaml:"-"`
OnlineClient *OnlineApiClientCfg `yaml:"online_client"`
ProfilesPath string `yaml:"profiles_path,omitempty"`
ConsoleConfigPath string `yaml:"console_path,omitempty"`
ConsoleConfig *ConsoleConfig `yaml:"-"`
Profiles []*ProfileCfg `yaml:"-"`
LogLevel *log.Level `yaml:"log_level"`
UseForwardedForHeaders bool `yaml:"use_forwarded_for_headers,omitempty"`
TrustedProxies *[]string `yaml:"trusted_proxies,omitempty"`
CompressLogs *bool `yaml:"-"`
LogMaxSize int `yaml:"-"`
LogMaxAge int `yaml:"-"`
LogMaxFiles int `yaml:"-"`
TrustedIPs []string `yaml:"trusted_ips,omitempty"`
PapiLogLevel *log.Level `yaml:"papi_log_level"`
DisableRemoteLapiRegistration bool `yaml:"disable_remote_lapi_registration,omitempty"`
CapiWhitelistsPath string `yaml:"capi_whitelists_path,omitempty"`
CapiWhitelists *CapiWhitelist `yaml:"-"`
AutoRegister *LocalAPIAutoRegisterCfg `yaml:"auto_registration,omitempty"`
}
local api service configuration
func (*LocalApiServerCfg) ClientURL ¶ added in v1.6.1
func (c *LocalApiServerCfg) ClientURL() string
func (*LocalApiServerCfg) GetTrustedIPs ¶ added in v1.3.3
func (c *LocalApiServerCfg) GetTrustedIPs() ([]net.IPNet, error)
func (*LocalApiServerCfg) LoadAutoRegister ¶ added in v1.6.3
func (c *LocalApiServerCfg) LoadAutoRegister() error
func (*LocalApiServerCfg) LoadCapiWhitelists ¶ added in v1.5.0
func (c *LocalApiServerCfg) LoadCapiWhitelists() error
func (*LocalApiServerCfg) LoadConsoleConfig ¶ added in v1.3.0
func (c *LocalApiServerCfg) LoadConsoleConfig() error
func (*LocalApiServerCfg) LoadProfiles ¶ added in v1.0.0
func (c *LocalApiServerCfg) LoadProfiles() error
type LocalHubCfg ¶ added in v1.6.0
type LocalHubCfg struct {
HubIndexFile string // Path to the local index file
HubDir string // Where the hub items are downloaded
InstallDir string // Where to install items
InstallDataDir string // Where to install data
}
LocalHubCfg holds the configuration for a local hub: where to download etc.
type OnlineApiClientCfg ¶ added in v1.0.0
type OnlineApiClientCfg struct {
CredentialsFilePath string `yaml:"credentials_path,omitempty"` // credz will be edited by software, store in diff file
Credentials *ApiCredentialsCfg `yaml:"-"`
}
global api config (for lapi->oapi)
func (*OnlineApiClientCfg) Load ¶ added in v1.0.10
func (o *OnlineApiClientCfg) Load() error
type ProfileCfg ¶ added in v1.0.0
type ProfileCfg struct {
Name string `yaml:"name,omitempty"`
Debug *bool `yaml:"debug,omitempty"`
Filters []string `yaml:"filters,omitempty"` // A list of OR'ed expressions. the models.Alert object
Decisions []models.Decision `yaml:"decisions,omitempty"`
DurationExpr string `yaml:"duration_expr,omitempty"`
OnSuccess string `yaml:"on_success,omitempty"` // continue or break
OnFailure string `yaml:"on_failure,omitempty"` // continue or break
OnError string `yaml:"on_error,omitempty"` // continue, break, error, report, apply, ignore
Notifications []string `yaml:"notifications,omitempty"`
}
Profile structure(s) are used by the local API to "decide" what kind of decision should be applied when a scenario with an active remediation has been triggered
type PrometheusCfg ¶ added in v1.0.0
type SimulationConfig ¶ added in v0.3.0
type SimulationConfig struct {
Simulation *bool `yaml:"simulation"`
Exclusions []string `yaml:"exclusions,omitempty"`
}
func (*SimulationConfig) IsSimulated ¶ added in v1.0.0
func (s *SimulationConfig) IsSimulated(scenario string) bool
type TLSCfg ¶ added in v1.0.0
type TLSCfg struct {
CertFilePath string `yaml:"cert_file"`
KeyFilePath string `yaml:"key_file"`
ClientVerification string `yaml:"client_verification,omitempty"`
ServerName string `yaml:"server_name"`
CACertPath string `yaml:"ca_cert_path"`
AllowedAgentsOU []string `yaml:"agents_allowed_ou"`
AllowedBouncersOU []string `yaml:"bouncers_allowed_ou"`
CRLPath string `yaml:"crl_path"`
CacheExpiration *time.Duration `yaml:"cache_expiration,omitempty"`
}
func (*TLSCfg) GetAuthType ¶ added in v1.6.0
func (t *TLSCfg) GetAuthType() (tls.ClientAuthType, error)
Source Files
Click to show internal directories.
Click to hide internal directories.