Changes
- scenario labels to map string interface (#2201) @AlteredCoder
- do not send more than group_threshold alerts at once to a notification plugin (#2264) @mmetc
- cscli: add G (1e9) suffix to metric units (#2254) @mmetc
New Features
- add sentinel notification plugin (#2268) @blotus
- Add bayesian bucket type (#2290) @seemanne
- allow running rootless docker tests (#2281) @mmetc
Improvements
- CI: update pytest-cs - don't remove stopped containers after tests (#2459) @mmetc
- minor log message improvements (#2455) @mmetc
- [enhancement] cscli explain --labels (#2461) @LaurenceJJones
- refact alert/decisions insert/update to avoid database locking in bulk operations (#2446) @mmetc
- add html escape function so it can be invoked from template (#2451) @LaurenceJJones
- fix "cscli console disable --all"; cleanup "cscli console" command (#2444) @mmetc
- make: build with debug symbols in func tests or if DEBUG=1; drop BUILD_VENDOR_FLAGS (#2443) @mmetc
- alternate vendor file (xz compression and version number) (#2425) @mmetc
- move plugins/notifications/* to cmd/notification-* (#2429) @mmetc
- timeout while waiting for events to be flushed (#2423) @mmetc
- Unmarshal Json add log context (#2414) @LaurenceJJones
- add method name to child logger (#2411) @LaurenceJJones
- simplify context add (#2408) @AlteredCoder
- add bouncers prune command (#2379) @LaurenceJJones
- update dependency on go-cs-lib; drop the pkg/ part (#2393) @mmetc
- add machines prune command (#2011) @LaurenceJJones
- add metabase version override and update (#2370) @LaurenceJJones
- change output of "cscli metrics -o [json|raw]" from plain list to map with table names (#2375) @mmetc
- reduce log verbosity at startup (#2363) @mmetc
- make: error if BUILD_VERSION does not start with "v" (#2355) @mmetc
- support for stdin with "cscli decision import" and raw values (#2291) @mmetc
- non-fatal error if some datasource can't be run (i.e. journalctl but systemd is missing) (#2309) @mmetc
- build with libre2 by default, options for wasm and static; add mk/gmsl (#2295) @mmetc
- send metrics sooner if agents are added/removed (#2296) @mmetc
- append vendor.tgz to each release (#2288) @mmetc
- CI: vagrant configuration for debian 12 (#2285) @LaurenceJJones
- CI: Remove cache entries when closing a PR (#2289) @mmetc
- update jsonextract.go (#2287) @LaurenceJJones
- implement "crowdsec -fatal" flag; change help message (#2266) @mmetc
- don't log systemd notification error if not running under systemd (#2274) @mmetc
- build against libre2-dev if found (#2255) @mmetc
- log.Warning if a notification is configured twice (#2240) @mmetc
- CI: publish dev-debian docker image (amd64 only) (#2252) @mmetc
- CI: use hub cli to upload release tar (#2244) @mmetc
Bug Fixes
- fix hub directory on fc38 (#2468) @sabban
- kafka acquisition: do not create empty events when a read error occurs (#2466) @blotus
- fix the behavior of
-a
option ofcscli alerts list
: do not hide alerts with no associated decisions (#2435) @buixor - option db_client.decision_bulk_size (#2440) @mmetc
- update functional tests for build pipeline (#2442) @mmetc
- whitelist reason (#2439) @LaurenceJJones
- remove "and exit." when showing list of commands when running cscli (#2431) @RelativeSure
- remove duplicate line (#2432) @encg
- fix behavior of flag disable_http_retry_backoff (#2426) @mmetc
- conditional overflow doesn't overflow on capacity (#2412) @sabban
- CI: increase test sleep to fix flaky acquisition/file test under win (#2410) @mmetc
- cscli decisions list -o json => [] instead of null; same for alerts (#2397) @mmetc
- [cscli] bouncer delete fix wrong short (#2404) @LaurenceJJones
- fix the rpm build (#2396) @sabban
- fix unit file after modification (#2395) @sabban
- docker: allow GID with no persistent sqlite db (#2381) @mmetc
- fix "crowdsec-cli/require" log verbosity (#2390) @mmetc
- fix a confusing debug message (#2386) @buixor
- check cscli preconditions with crowdsec-cli/require package (#2388) @mmetc
- replace all imports of path with path/filepath (#2330) @mmetc
- go mod tidy for sentinel plugin (#2377) @blotus
- fix double push of metrics by properly handling tickers (#2374) @mmetc
- fix the ci by adding the ability to enforce event ordering (#2347) @sabban
- add object key in src for S3 acquis (#2342) @blotus
- properly match new files on windows when doing file acquisition (#2329) @blotus
- rename status to state in fire response (#2313) @blotus
- raise error with invalid 'on_success', 'on_failure' in profile (#2303) @mmetc
- docker: always merge .yaml.local in conf_get() (#2272) @mmetc
- change api_key encoding to base64 to comply with bcrypt max size (#2302) @mmetc
- fix error message when failing to parse ip address or range (#2292) @mmetc
Chore / Deps
- CI: remove explicit cache-dependency-path (#2452) @mmetc
- use go 1.20.7 (#2409) @mmetc
- golangci-lint: use v1.54, remove unnecessary byte/string conversions (#2438) @mmetc
- pkg/types cleanup (#2398) @mmetc
- remove calls to log.Fatal (#2399) @mmetc
- apic: minor refactoring (#2415) @mmetc
- update pytest dependencies (#2407) @mmetc
- update pytest dependencies (#2389) @mmetc
- build target for "make tidy" (#2378) @mmetc
- update google/winops dependency (#2366) @mmetc
- update gonic/gin to 1.9.1 (#2230) @mmetc
- expose the FormatAlert function to other packages (#2248) @blotus
- update ansible requirements (#2364) @sabban
- CI: test with postgres 15 (#2149) @mmetc
- update dependency: docker/docker (#2360) @mmetc
- typo fix, uppercase 'API', adjusted log level (#2361) @mmetc
- use same levenshtein package for cscli, ent, hcl (#2359) @mmetc
- use go 1.20.6 (#2358) @mmetc
- update pytest dependencies (#2356) @mmetc
- update dependencies: k8s, swag, jwt (#2357) @mmetc
- update dependency on goccy/go-yaml for arm32 fix (#2343) @mmetc
- CI: bump and lock pytest dependencies (#2340) @mmetc
- update grpc dependency to latest stable version (#2339) @mmetc
- errors.Wrap -> fmt.Errorf (#2333) @mmetc
- CI: reduce test verbosity; set PKG_CONFIG_PATH for re2 in rpm distros (#2331) @mmetc
- update go-re2 dep to fix arm32 build (#2332) @mmetc
- tests: vagrant refactoring (#2328) @mmetc
- CI: update ansible tests for re2 (#2318) @mmetc
- errors.Wrap -> fmt.Errorf (#2317) @mmetc
- func tests: install some dependencies from make, log test helpers (#2314) @mmetc
- rename metabase APIClient to avoid confusion (#2305) @mmetc
- CI: Update setup-go action to v4 (with automatic cache) (#2168) @mmetc
- docker: build same re2 version for alpine/debian; bump yq (#2311) @mmetc
- update debian version to have latest systemd (#2304) @he2ss
- CI: build docker version with c++ re2 (static) (#2307) @mmetc
- errors.Wrap -> fmt.Errorf; clean up imports (#2301) @mmetc
- CI: add fedora-37, -38 to vagrant tests (#2299) @mmetc
- update leakybucket readme (#2298) @mmetc
- errors.Wrap -> fmt.Errorf (#2297) @mmetc
- update go dependencies (#2293) @mmetc
- spellcheck/style leakybucket readme (#2294) @mmetc
- use go 1.20.5 (#2280) @mmetc
- light pkg/parser cleanup (#2279) @mmetc
- trim pkg/types: move DataSet/GetData to pkg/cwhub, removed unused Clone function (#2271) @mmetc
- add missing import (#2275) @mmetc
- minor refactor to pkg/types, cscli machines (#2270) @mmetc
- move grok_pattern.go away from pkg/types to reduce bouncer dependencies (#2269) @mmetc
- don't pre-create log files (not required anymore) (#2267) @mmetc
- CI: add tests for metrics configuration (#2251) @mmetc
- CI: refactor makefile for plugins and vendor target (#2256) @mmetc
- update notif threshold test on windows (#2265) @mmetc
- show option -winsvc only under windows (#2258) @mmetc
- CI: make clean -> remove coverage data (#2259) @mmetc
- make: allow using a development version of Go, with a warning (#2260) @mmetc
- gitignore: ignore .vagrant directories (#2262) @mmetc
- default config: simulation off -> false (yaml 1.2) (#2263) @mmetc
- dependencies: replaced function calls to pkg/types, errors.Wrap (#2235) @mmetc
- CI: refactoring pkg/csplugin (#2247) @mmetc
- CI: separate stderr in all func tests (#2250) @mmetc
- update libsystemd in debian docker image (#2245) @he2ss
- types.InSlice() -> slices.Contains() (#2246) @mmetc
Geolite2 notice
This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.
Installation
Take a look at the installation instructions.