Merge branch 'main' into fw-metrics

crowdsec-docs/docs/configuration/crowdsec_configuration.md

@@ -150,6 +150,7 @@ db_config:
   flush:
     max_items: "<max_alerts_in_db>"
     max_age: "<max_age_of_alerts_in_db>"
+    metrics_max_age: "<max_age_metrics_in_db>"
     bouncers_autodelete:
       cert: "<max_duration_since_last_pull>"
       api_key: "<max_duration_since_last_pull>"
@@ -192,6 +193,11 @@ api:
       #- 127.0.0.1
       #- ::1
       #- 10.0.0.0/24
+    auto_registration:
+      enabled: <true|false>
+      token: <string>
+      allowed_ranges:
+        - 10.0.0.0/24
 prometheus:
   enabled: "(true|false)"
   level: "(full|aggregated)"
@@ -447,6 +453,7 @@ db_config:
   flush:
     max_items: "<max_alerts_in_db>"
     max_age: "<max_age_of_alerts_in_db>"
+    metrics_max_age: "<max_age_metrics_in_db>"
     bouncers_autodelete:
       cert: "<max_duration_since_last_pull>"
       api_key: "<max_duration_since_last_pull>"
@@ -593,6 +600,7 @@ When WAL is unspecified you will see the following warning message at startup :
 flush:
   max_items: <nb_max_alerts_in_database>
   max_age: <max_alerts_age_in_database>
+  metrics_max_age: <max_metrics_age_in_database>
   bouncers_autodelete:
     cert: "<max_duration_since_last_pull>"
     api_key: "<max_duration_since_last_pull>"
@@ -611,6 +619,21 @@ Number max of alerts in database.
 
 Alerts retention time.
 
+Supported units:
+
+ - `s`: seconds
+
+ - `m`: minutes
+
+ - `h`: hours
+
+ - `d`: days
+
+#### `metrics_max_age`
+> string
+
+Usage metrics retention time.
+
 Supported units:
 
  - `s`: seconds
@@ -688,7 +711,11 @@ api:
        - bouncers_ou
       crl_path: "<path_to_crl_file>"
       cache_expiration: "<cache_duration_for_revocation_check>"
-      
+    auto_registration:
+      enabled: <true|false>
+      token: <string>
+      allowed_ranges:
+       - 10.0.0.0/24 
 ```
 
 #### `cti`
@@ -790,6 +817,11 @@ server:
        - bouncers_ou
       crl_path: "<path_to_crl_file>"
       cache_expiration: "<cache_duration_for_revocation_check>"
+  auto_registration:
+    enabled: <true|false>
+    token: <string>
+    allowed_ranges:
+      - 10.0.0.0/24
 ```
 
 ##### `enable`
@@ -935,6 +967,40 @@ The format must be compatible with golang [time.Duration](https://pkg.go.dev/tim
 IPs or IP ranges which have admin access to API. The APIs would still need to have API keys.
 127.0.0.1 and ::1 are always given admin access whether specified or not.
 
+#### `auto_registration`
+
+This section configures LAPI to automatically accept new machine registrations
+
+```yaml
+auto_registration:
+  enabled: <true|false>
+  token: <string>
+  allowed_ranges:
+   - 10.0.0.0/24
+```
+
+##### `enabled`
+> bool
+
+Whether automatic registration should be enabled.
+
+Defaults to `false`.
+
+##### `token`
+> string
+
+Token that should be passed in the registration request if LAPI needs to automatically validate the machine.
+
+It must be at least 32 chars, and is mandatory if the feature is enabled.
+
+##### `allowed_ranges`
+> []string
+
+IP ranges that are allowed to use the auto registration features.
+
+It must have at least one entry if the feature is enabled
+
+
 ### `prometheus`
 
 This section is used by local API and crowdsec.

crowdsec-docs/docs/cscli/cscli_bouncers.md

@@ -36,6 +36,7 @@ Note: This command requires database direct access, so is intended to be run on
 * [cscli](/cscli/cscli.md)	 - cscli allows you to manage crowdsec
 * [cscli bouncers add](/cscli/cscli_bouncers_add.md)	 - add a single bouncer to the database
 * [cscli bouncers delete](/cscli/cscli_bouncers_delete.md)	 - delete bouncer(s) from the database
+* [cscli bouncers inspect](/cscli/cscli_bouncers_inspect.md)	 - inspect a bouncer by name
 * [cscli bouncers list](/cscli/cscli_bouncers_list.md)	 - list all bouncers within the database
 * [cscli bouncers prune](/cscli/cscli_bouncers_prune.md)	 - prune multiple bouncers from the database
 

crowdsec-docs/docs/cscli/cscli_bouncers_delete.md

@@ -10,10 +10,17 @@ delete bouncer(s) from the database
 cscli bouncers delete MyBouncerName [flags]
 ```
 
+### Examples
+
+```
+cscli bouncers delete "bouncer1" "bouncer2"
+```
+
 ### Options
 
 ```
-  -h, --help   help for delete
+  -h, --help             help for delete
+      --ignore-missing   don't print errors if one or more bouncers don't exist
 ```
 
 ### Options inherited from parent commands

crowdsec-docs/docs/cscli/cscli_bouncers_inspect.md

@@ -0,0 +1,41 @@
+---
+id: cscli_bouncers_inspect
+title: cscli bouncers inspect
+---
+## cscli bouncers inspect
+
+inspect a bouncer by name
+
+```
+cscli bouncers inspect [bouncer_name] [flags]
+```
+
+### Examples
+
+```
+cscli bouncers inspect "bouncer1"
+```
+
+### Options
+
+```
+  -h, --help   help for inspect
+```
+
+### Options inherited from parent commands
+
+```
+      --color string    Output color: yes, no, auto (default "auto")
+  -c, --config string   path to crowdsec config file (default "/etc/crowdsec/config.yaml")
+      --debug           Set logging to debug
+      --error           Set logging to error
+      --info            Set logging to info
+  -o, --output string   Output format: human, json, raw
+      --trace           Set logging to trace
+      --warning         Set logging to warning
+```
+
+### SEE ALSO
+
+* [cscli bouncers](/cscli/cscli_bouncers.md)	 - Manage bouncers [requires local API]
+

crowdsec-docs/docs/cscli/cscli_hub_update.md

@@ -19,7 +19,8 @@ cscli hub update [flags]
 ### Options
 
 ```
-  -h, --help   help for update
+  -h, --help           help for update
+      --with-content   Download index with embedded item content
 ```
 
 ### Options inherited from parent commands

crowdsec-docs/docs/cscli/cscli_lapi_context.md

@@ -6,10 +6,6 @@ title: cscli lapi context
 
 Manage context to send with alerts
 
-```
-cscli lapi context [command] [flags]
-```
-
 ### Options
 
 ```

crowdsec-docs/docs/cscli/cscli_lapi_register.md

@@ -21,6 +21,7 @@ cscli lapi register [flags]
   -f, --file string      output file destination
   -h, --help             help for register
       --machine string   Name of the machine to register with
+      --token string     Auto registration token to use
   -u, --url string       URL of the API (ie. http://127.0.0.1)
 ```
 

crowdsec-docs/docs/cscli/cscli_machines.md

@@ -42,6 +42,7 @@ cscli machines [action]
 * [cscli](/cscli/cscli.md)	 - cscli allows you to manage crowdsec
 * [cscli machines add](/cscli/cscli_machines_add.md)	 - add a single machine to the database
 * [cscli machines delete](/cscli/cscli_machines_delete.md)	 - delete machine(s) by name
+* [cscli machines inspect](/cscli/cscli_machines_inspect.md)	 - inspect a machine by name
 * [cscli machines list](/cscli/cscli_machines_list.md)	 - list all machines in the database
 * [cscli machines prune](/cscli/cscli_machines_prune.md)	 - prune multiple machines from the database
 * [cscli machines validate](/cscli/cscli_machines_validate.md)	 - validate a machine to access the local API

crowdsec-docs/docs/cscli/cscli_machines_delete.md

@@ -19,7 +19,8 @@ cscli machines delete "machine1" "machine2"
 ### Options
 
 ```
-  -h, --help   help for delete
+  -h, --help             help for delete
+      --ignore-missing   don't print errors if one or more machines don't exist
 ```
 
 ### Options inherited from parent commands

crowdsec-docs/docs/cscli/cscli_machines_inspect.md

@@ -0,0 +1,42 @@
+---
+id: cscli_machines_inspect
+title: cscli machines inspect
+---
+## cscli machines inspect
+
+inspect a machine by name
+
+```
+cscli machines inspect [machine_name] [flags]
+```
+
+### Examples
+
+```
+cscli machines inspect "machine1"
+```
+
+### Options
+
+```
+  -h, --help   help for inspect
+  -H, --hub    show hub state
+```
+
+### Options inherited from parent commands
+
+```
+      --color string    Output color: yes, no, auto (default "auto")
+  -c, --config string   path to crowdsec config file (default "/etc/crowdsec/config.yaml")
+      --debug           Set logging to debug
+      --error           Set logging to error
+      --info            Set logging to info
+  -o, --output string   Output format: human, json, raw
+      --trace           Set logging to trace
+      --warning         Set logging to warning
+```
+
+### SEE ALSO
+
+* [cscli machines](/cscli/cscli_machines.md)	 - Manage local API machines [requires local API]
+

crowdsec-docs/docs/cscli/cscli_notifications.md

@@ -32,8 +32,8 @@ To list/inspect/test notification template
 ### SEE ALSO
 
 * [cscli](/cscli/cscli.md)	 - cscli allows you to manage crowdsec
-* [cscli notifications inspect](/cscli/cscli_notifications_inspect.md)	 - Inspect active notifications plugin configuration
-* [cscli notifications list](/cscli/cscli_notifications_list.md)	 - list active notifications plugins
+* [cscli notifications inspect](/cscli/cscli_notifications_inspect.md)	 - Inspect notifications plugin
+* [cscli notifications list](/cscli/cscli_notifications_list.md)	 - list notifications plugins
 * [cscli notifications reinject](/cscli/cscli_notifications_reinject.md)	 - reinject an alert into profiles to trigger notifications
 * [cscli notifications test](/cscli/cscli_notifications_test.md)	 - send a generic test alert to notification plugin
 

crowdsec-docs/docs/cscli/cscli_notifications_inspect.md

@@ -4,11 +4,11 @@ title: cscli notifications inspect
 ---
 ## cscli notifications inspect
 
-Inspect active notifications plugin configuration
+Inspect notifications plugin
 
 ### Synopsis
 
-Inspect active notifications plugin and show configuration
+Inspect notifications plugin and show configuration
 
 ```
 cscli notifications inspect [flags]

crowdsec-docs/docs/cscli/cscli_notifications_list.md

@@ -4,11 +4,11 @@ title: cscli notifications list
 ---
 ## cscli notifications list
 
-list active notifications plugins
+list notifications plugins
 
 ### Synopsis
 
-list active notifications plugins
+list notifications plugins and their status (active or not)
 
 ```
 cscli notifications list [flags]

crowdsec-docs/docs/cscli/cscli_notifications_test.md

@@ -8,7 +8,7 @@ send a generic test alert to notification plugin
 
 ### Synopsis
 
-send a generic test alert to a notification plugin to test configuration even if is not active
+send a generic test alert to a notification plugin even if it is not active in profiles
 
 ```
 cscli notifications test [plugin name] [flags]

crowdsec-docs/docs/cscli/cscli_support_dump.md

@@ -8,20 +8,17 @@ Dump all your configuration to a zip file for easier support
 
 ### Synopsis
 
-Dump the following informations:
+Dump the following information:
 - Crowdsec version
 - OS version
-- Installed collections list
-- Installed parsers list
-- Installed scenarios list
-- Installed postoverflows list
-- Installed context list
-- Bouncers list
-- Machines list
-- CAPI status
-- LAPI status
+- Enabled feature flags
+- Latest Crowdsec logs (log processor, LAPI, remediation components)
+- Installed collections, parsers, scenarios...
+- Bouncers and machines list
+- CAPI/LAPI status
 - Crowdsec config (sensitive information like username and password are redacted)
 - Crowdsec metrics
+- Stack trace in case of process crash
 
 ```
 cscli support dump [flags]