Skip to content

v1.6.4

Latest
Compare
Choose a tag to compare
@sabban sabban released this 20 Nov 11:19
· 96 commits to fb733ee43a4f0210dd65d32618dec00e5904ab6f since this release
523164f

Overview

HTTP datasource

This release introduce http data source that enable crowdsec to ingest logs from an http endpoint such as Datadog or Vector.

See documentation here

Alert context appsec

This release also introduces the alert context ability when using appsec.

See related doc here

Replay evtx file support

This release allows Windows CrowdSec users to replay Winevent evtx files.

Bouncers API Key sharing

Bouncers running on different machines can now share the same API key without interfering with each other. Each bouncer will appear as bouncer_name@IP in the bouncer list. (#3323)

New Features

Improvements

  • Allow bouncers to share API keys (#3323) @blotus
  • Support multiple appsec configs (#3314) @buixor
  • context propagation: papi, loki (#3308) @mmetc
  • Add explicit configuration for signals sharing and blocklists pull (#3277) @blotus
  • loki: add no_ready_check option (#3317) @blotus
  • logs and user messages: use "serialize" and "parse" instead of marshal/unmarshal (#3240) @mmetc
  • context propagation: cscli {capi,lapi,papi} (#3228) @mmetc
  • refact pkg/database: context propagation (start) (#3226) @mmetc

Changes

  • make: improve re2/wasm check (#3335) @mmetc
  • fix go version for azure pipeline (#3324) @blotus
  • add go minor in go.mod (#3318) @sabban
  • update checks for wrapped errors (#3117) @mmetc
  • refact cscli: decisions, lapi, bouncers, machines (#3306) @mmetc
  • make: remove obsolete/redundant parameters (#3304) @mmetc
  • remove unused code: HandleDeletedDecisions() (#3301) @mmetc
  • CI: update coverage ignore list for generated code (#3262) @mmetc
  • lint/revive: check tags on non-exported struct fields (#3257) @mmetc
  • context propagation: don't store ctx in api controller (#3268) @mmetc
  • CI: check generated code in test workflow (#3261) @mmetc
  • remove dependency from pkg/cwversion to pkg/acquisition (#3242) @mmetc
  • lint/nestif: reduce hubtest complexity (#3244) @mmetc
  • refact: alerts query (#3216) @mmetc
  • lint: enable (some) gocritic checks (#3238) @mmetc
  • enable linters: copyloopvar, intrange (#3184) @mmetc
  • refact acquisition: build profiles (optionally exclude datasources from final binary) (#3217) @mmetc
  • refact / split APIServer.Run() method (#3215) @mmetc
  • refact cscli - don't export functions if not required (#3224) @mmetc
  • refact: cscli papi (#3222) @mmetc
  • refact: pkg/apiclient set and use default user agent (#3219) @mmetc

Bug Fixes

Chore / Deps

Geolite2 notice

This product includes GeoLite2 data created by MaxMind, available from https://www.maxmind.com.

Installation

Take a look at the installation instructions.