Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Dec 17 2021 07:41
    @buixor banned @cronlabspl
rick
@rick:rmendes.net
[m]
Thanks
rick
@rick:rmendes.net
[m]
so just to be sure, I should be able to curl mydomain:6060/metrics from the cli and get data right ?
and if I can't, make sure ports are open
right now I can only get curl data using localhost:6060/metrics
if I curl buzzworkers.com:6060/metrics I'm getting connection refused and for my prometheus server, it obviously say my targets are down
tandy
@tandy1000:matrix.org
[m]
i just upgraded crowdsec with apt and im gettting this?
oh the issue was crowdsec wasnt running
mainevent07
@mainevent07
Hello!
Can you help me, how may I get community-blocklist manually? For example, via curl and credentials in online_api_credentials.yaml
Philipp
@Philipp37303217_twitter
Hello people. I just started testing crowdsec. I installed Crowdsec 1.3.0 (no bouncer yet) and used wizard.sh -c to get everything i need (i guess?) i got the packages for e.g. apache. crowdsec is active and running. Now i used nessu for an web app scan on the servers apache. But i dont get any results in the /var/log/crowdsec.log ( following https://crowdsec.net/blog/tutorial-crowdsec-v1-1/ ). Any ressources on what i might do wrong or should do?
he2ss
@he2ss

Hi @Philipp37303217_twitter,

wizard.sh -c will not detect all the services, only the common ones. So depend what services do you need to monitor.
From which network the attacks are performed ? If it's from private network, may be you are not detecting attacks because of default whitelist that is installed.

You can confirm this showing the parsers sudo cscli parsers list

Fouine
@fouine:matrix.underworld.fr
[m]
Hello, is it possible to set http_proxy in crowdsec config?
blotus
@blotus
Hello
Yes you can, see https://docs.crowdsec.net/docs/next/faq/#how-to-set-up-proxy-
You just need to set the correct env vars
1 reply
and FYI, we've moved to discord, you can join our server here https://discord.gg/wGN7ShmEE8
1 reply
Fouine
@fouine:matrix.underworld.fr
[m]
(change your matrix room's topic to redirect users ;). )
Fouine
@fouine:matrix.underworld.fr
[m]
allow crowdsec process to contact crowdesc API and console
but, cscli hub update / upgrade, not
have to add env http_proxy into /etc/profile (at system level) BUT
sudo didn't follow this env :)
so if i need to do (ansible playbook) sudo user cscli hub update, it failed to exit through my proxy.
and my goal is to centralize update/upgrade collections from a central point (my ansible) to lots of VM
Fouine
@fouine:matrix.underworld.fr
[m]
Hey! the so called "Breizh Man" find a pretty solution for my usecase :)

````
become_user: root
become_method: sudo
become_flags: '-i'

tasks:

- name: check if Crowdsec CLI cscli exist
  stat:
    path: /usr/bin/cscli
  register: stat_result
- name: Update Crowdsec hub
  command: "cscli hub update"
  when: stat_result.stat.exists
- name: Upgrade Crowdsec hub
  command: "cscli hub upgrade"
  when: stat_result.stat.exists
become_flags: '-i'makes sudo load http_proxy env var on remote host (http_proxy var are set in /etc/profile on remote)
Fouine
@fouine:matrix.underworld.fr
[m]
Fouine
@fouine:matrix.underworld.fr
[m]
start in 3 minutes
ukrolelo
@ukrolelo
hey guyz, can somebody post link for opensource crowdsec gui?
*web
Fouine
@fouine:matrix.underworld.fr
[m]
Fouine
@fouine:matrix.underworld.fr
[m]
so please, bridge this matrix room with Discord :)
Thibault "bui" Koechlin
@buixor
@fouine:matrix.underworld.fr yes :)
th0mcat
@me:thomcat.rocks
[m]
I'm not sure how well that would work with this room already being bridged to Gitter
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
(sshhh)
Zoz
@zoz:matrix.zoz-serv.org
[m]
hello world
oh merde ya Fouine
i try to exec crowdsec on docker and found this good post on reddit
Zoz
@zoz:matrix.zoz-serv.org
[m]
so i try some basic install on docker with this file
i touch and add some config inside the acquis.yaml for use the log of my nginx proxy manager
when i do some docker compose up -d i have some error like that
but the config.yaml who is generated contain
Zoz
@zoz:matrix.zoz-serv.org
[m]
so the crowdsec generate the /etc/crowdsec/online_api_credentials.yaml
1 reply
and this online api credential is empty
so nothing is up and the docker compose crash
on your github the config.yaml contain more information