MCPcopy
hub / github.com/crowdsecurity/crowdsec / newContextAddCmd

Method newContextAddCmd

cmd/crowdsec-cli/clilapi/context.go:49–99  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

47}
48
49func (cli *cliLapi) newContextAddCmd() *cobra.Command {
50 var (
51 keyToAdd string
52 valuesToAdd []string
53 )
54
55 cmd := &cobra.Command{
56 Use: "add",
57 Short: "Add context to send with alerts. You must specify the output key with the expr value you want",
58 Example: `cscli lapi context add --key source_ip --value evt.Meta.source_ip
59cscli lapi context add --key file_source --value evt.Line.Src
60cscli lapi context add --value evt.Meta.source_ip --value evt.Meta.target_user
61 `,
62 Args: args.NoArgs,
63 DisableAutoGenTag: true,
64 RunE: func(_ *cobra.Command, _ []string) error {
65 hub, err := require.Hub(cli.cfg(), nil)
66 if err != nil {
67 return err
68 }
69
70 if err = alertcontext.LoadConsoleContext(cli.cfg(), hub); err != nil {
71 return fmt.Errorf("while loading context: %w", err)
72 }
73
74 if keyToAdd != "" {
75 return cli.addContext(keyToAdd, valuesToAdd)
76 }
77
78 for _, v := range valuesToAdd {
79 keySlice := strings.Split(v, ".")
80 key := keySlice[len(keySlice)-1]
81 value := []string{v}
82
83 if err := cli.addContext(key, value); err != nil {
84 return err
85 }
86 }
87
88 return nil
89 },
90 }
91
92 flags := cmd.Flags()
93 flags.StringVarP(&keyToAdd, "key", "k", "", "The key of the different values to send")
94 flags.StringSliceVar(&valuesToAdd, "value", []string{}, "The expr fields to associate with the key")
95
96 _ = cmd.MarkFlagRequired("value")
97
98 return cmd
99}
100
101func (cli *cliLapi) newContextStatusCmd() *cobra.Command {
102 cmd := &cobra.Command{

Callers 1

newContextCmdMethod · 0.95

Calls 4

addContextMethod · 0.95
HubFunction · 0.92
LoadConsoleContextFunction · 0.92
cfgMethod · 0.80

Tested by

no test coverage detected