MCPcopy
hub / github.com/crowdsecurity/crowdsec / handleTimeFilters

Function handleTimeFilters

pkg/database/alertfilter.go:44–67  ·  view source on GitHub ↗
(param, value string, predicates *[]predicate.Alert)

Source from the content-addressed store, hash-verified

42}
43
44func handleTimeFilters(param, value string, predicates *[]predicate.Alert) error {
45 // crowsdec now always sends duration without days, but we allow them for
46 // compatibility with other tools
47 duration, err := cstime.ParseDurationWithDays(value)
48 if err != nil {
49 return fmt.Errorf("while parsing duration: %w", err)
50 }
51
52 timePoint := time.Now().UTC().Add(-duration)
53 if timePoint.IsZero() {
54 return fmt.Errorf("empty time now() - %s", timePoint.String())
55 }
56
57 switch param {
58 case "since":
59 *predicates = append(*predicates, alert.StartedAtGTE(timePoint))
60 case "created_before":
61 *predicates = append(*predicates, alert.CreatedAtLTE(timePoint))
62 case "until":
63 *predicates = append(*predicates, alert.StartedAtLTE(timePoint))
64 }
65
66 return nil
67}
68
69func handleAlertIPv4Predicates(rng csnet.Range, contains bool, predicates *[]predicate.Alert) {
70 if contains { // decision contains {start_ip,end_ip}

Callers 1

Calls 6

StartedAtGTEFunction · 0.92
CreatedAtLTEFunction · 0.92
StartedAtLTEFunction · 0.92
IsZeroMethod · 0.80
AddMethod · 0.45
StringMethod · 0.45

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…