Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Dec 17 2021 07:41
    @buixor banned @cronlabspl
blotus
@blotus
Hello
Currently, this is not possible because crowdsec does not send us anything about deletion, but the next release of crowdsec will allow you to share with us informations about custom/tainted scenarios, and deletion as well (this will be opt-in)
XlllllllX
@XlllllllX
Well… this IP is reported and blocked by CS (?)
We are talking just about the web console?
blotus
@blotus
yes
if this was only for testing, don't worry your IP has no chance of being redistributed to other users
you can send me the IP in private if you want, I can check the status if you want to be sure :)
XlllllllX
@XlllllllX
thanks for this, because it was for testing, but in "real"…
Lamera
@Lamera
I discovered a strange behavior in our custom-bouncer logfile. every 10s it tries to add the same ips over and over again.
we write the remediation ips to a text file. the ips are already blocked through this file. but the custom bouncer triggers an add over and over again for these ips.
Martin Schaible
@martin.schaible_gitlab

Today all my servers are displaying no agents, no scenarios and no bouncers in the Console. It looks liek, that i'm not alone with this.

Any idea to fix this?

Thibault "bui" Koechlin
@buixor
Hello @martin.schaible_gitlab ! Thanks, we are looking into it !
Martin Schaible
@martin.schaible_gitlab
Would you liek to have a screenshot?
Thibault "bui" Koechlin
@buixor
@martin.schaible_gitlab if you can share me privately the email used and the machines ID impacted, it would be nice :)
Martin Schaible
@martin.schaible_gitlab
@buixor Hold on for a min :-)
Thibault "bui" Koechlin
@buixor
I PM'ed you ;)
Klaus Agnoletti
@klausagnoletti_twitter
The link I pasted earlier for our new Discord has expired. If you want to join, please use this instead: https://discord.gg/wGN7ShmEE8
CrowdSec
@Crowd_Security_twitter
You asked this in Discord also, right?
1 reply
Just to make sure we don’t answer your question both places.
plikmuny
@plikmuny
hi
i need help in installing cs-firewall-bouncer on Openwrt Rpi4
Arthur
@arthurlutz:matrix.org
[m]
Congrats for the kubernetes demo ! (bravo pour la démo kubernetes )
he2ss
@he2ss
Thanks !
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
Can I selfhost the Console?
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
Any chance that the discord can be bridged to matrix? I doubt I am the only person who isn't happy to use a propitiatory platform
Klaus Agnoletti
@klausagnoletti_twitter
Hey. No, you can't selfhost the console. It's proprietary and no plans to change that..
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
Thats a shame
Klaus Agnoletti
@klausagnoletti_twitter
In terms of Discord we don't have any plans to bridge it with matrix. Is it even possible? And no, you're not the only one who doesn't want to use a proprietary platform for chatting. So far I've heard from one more. So for the time being - unless many more gitter users approach us - I don't think it's worth the effort. But that may change, who knows..
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
A discord matrix bridge is possible, and isn't too hard to setup (depending on what bridge you use) - but understandable if its a not priority
Klaus Agnoletti
@klausagnoletti_twitter
Thanks. I'll take a look at it
Klaus Agnoletti
@klausagnoletti_twitter
The OPNsense port of CrowdSec is finally ready now in a public beta release from https://github.com/crowdsecurity/opnsense-plugin-crowdsec. Get it while it's hot! If you run into problems please ask in #-bsd on our Discord! Let me know if you need the invite link!
Arthur
@arthurlutz:matrix.org
[m]
cscli alerts list | grep community
| 1733 | crowdsec/community-blocklist | update : +4714/-0 IPs             |         |                                | ban:4714  | 2022-01-27 09:27:54 +0100      |
| 1729 | crowdsec/community-blocklist | update : +4681/-0 IPs             |         |                                | ban:29    | 2022-01-27 07:27:54 +0100      |
| 1724 | crowdsec/community-blocklist | update : +4641/-0 IPs             |         |                                | ban:14    | 2022-01-27 05:27:54 +0100      |
does this indicate the number of IPs banned from the community (not attacking "yet" my server) ?
if so what happened today for the number of banned ips to go from a two figure number to a four figure number ?
CrowdSec
@Crowd_Security_twitter
yes :slightly_smiling_face:
Arthur
@arthurlutz:matrix.org
[m]
and the 4714 ip bans from this morning ?
Ricardo
@rmdes
do I need to run a prometheus server to be able to listen to the mydomain:6060/metrics endpoint ?
I have added the graphana dashboard for crowdsec
but i'm getting connection refused when, on the graphana side, I configure the prometheus source data
Ricardo
@rmdes
my graphana instance is not on the server where crowdsec is running just to be precise
blotus
@blotus
yes, you need a prometheus server to scrape the metrics
then add your prometheus server as a datasource in grafana, and the dashboards should work
rick
@rick:rmendes.net
[m]
Alright I see, doc wasn't clear or i misread probably
Thanks
rick
@rick:rmendes.net
[m]
so just to be sure, I should be able to curl mydomain:6060/metrics from the cli and get data right ?
and if I can't, make sure ports are open
right now I can only get curl data using localhost:6060/metrics
if I curl buzzworkers.com:6060/metrics I'm getting connection refused and for my prometheus server, it obviously say my targets are down
tandy
@tandy1000:matrix.org
[m]
i just upgraded crowdsec with apt and im gettting this?