Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
  • Dec 17 2021 07:41
    @buixor banned @cronlabspl
rick
@rick:rmendes.net
[m]
if I curl buzzworkers.com:6060/metrics I'm getting connection refused and for my prometheus server, it obviously say my targets are down
tandy
@tandy1000:matrix.org
[m]
i just upgraded crowdsec with apt and im gettting this?
oh the issue was crowdsec wasnt running
mainevent07
@mainevent07
Hello!
Can you help me, how may I get community-blocklist manually? For example, via curl and credentials in online_api_credentials.yaml
Philipp
@Philipp37303217_twitter
Hello people. I just started testing crowdsec. I installed Crowdsec 1.3.0 (no bouncer yet) and used wizard.sh -c to get everything i need (i guess?) i got the packages for e.g. apache. crowdsec is active and running. Now i used nessu for an web app scan on the servers apache. But i dont get any results in the /var/log/crowdsec.log ( following https://crowdsec.net/blog/tutorial-crowdsec-v1-1/ ). Any ressources on what i might do wrong or should do?
he2ss
@he2ss

Hi @Philipp37303217_twitter,

wizard.sh -c will not detect all the services, only the common ones. So depend what services do you need to monitor.
From which network the attacks are performed ? If it's from private network, may be you are not detecting attacks because of default whitelist that is installed.

You can confirm this showing the parsers sudo cscli parsers list

Fouine
@fouine:matrix.underworld.fr
[m]
Hello, is it possible to set http_proxy in crowdsec config?
blotus
@blotus
Hello
Yes you can, see https://docs.crowdsec.net/docs/next/faq/#how-to-set-up-proxy-
You just need to set the correct env vars
1 reply
and FYI, we've moved to discord, you can join our server here https://discord.gg/wGN7ShmEE8
1 reply
Fouine
@fouine:matrix.underworld.fr
[m]
(change your matrix room's topic to redirect users ;). )
Fouine
@fouine:matrix.underworld.fr
[m]
allow crowdsec process to contact crowdesc API and console
but, cscli hub update / upgrade, not
have to add env http_proxy into /etc/profile (at system level) BUT
sudo didn't follow this env :)
so if i need to do (ansible playbook) sudo user cscli hub update, it failed to exit through my proxy.
and my goal is to centralize update/upgrade collections from a central point (my ansible) to lots of VM
Fouine
@fouine:matrix.underworld.fr
[m]
Hey! the so called "Breizh Man" find a pretty solution for my usecase :)

````
become_user: root
become_method: sudo
become_flags: '-i'

tasks:

- name: check if Crowdsec CLI cscli exist
  stat:
    path: /usr/bin/cscli
  register: stat_result
- name: Update Crowdsec hub
  command: "cscli hub update"
  when: stat_result.stat.exists
- name: Upgrade Crowdsec hub
  command: "cscli hub upgrade"
  when: stat_result.stat.exists
become_flags: '-i'makes sudo load http_proxy env var on remote host (http_proxy var are set in /etc/profile on remote)
Fouine
@fouine:matrix.underworld.fr
[m]
Fouine
@fouine:matrix.underworld.fr
[m]
start in 3 minutes
ukrolelo
@ukrolelo
hey guyz, can somebody post link for opensource crowdsec gui?
*web
Fouine
@fouine:matrix.underworld.fr
[m]
Fouine
@fouine:matrix.underworld.fr
[m]
so please, bridge this matrix room with Discord :)
Thibault "bui" Koechlin
@buixor
@fouine:matrix.underworld.fr yes :)
th0mcat
@me:thomcat.rocks
[m]
I'm not sure how well that would work with this room already being bridged to Gitter
CactiChameleon9
@cacti_chameleon10:kde.org
[m]
(sshhh)
Zoz
@zoz:matrix.zoz-serv.org
[m]
hello world
oh merde ya Fouine
i try to exec crowdsec on docker and found this good post on reddit
Zoz
@zoz:matrix.zoz-serv.org
[m]
so i try some basic install on docker with this file
i touch and add some config inside the acquis.yaml for use the log of my nginx proxy manager
when i do some docker compose up -d i have some error like that
but the config.yaml who is generated contain
Zoz
@zoz:matrix.zoz-serv.org
[m]
so the crowdsec generate the /etc/crowdsec/online_api_credentials.yaml
1 reply
and this online api credential is empty
so nothing is up and the docker compose crash
on your github the config.yaml contain more information
looks like maybe their some problem ob the generated config.yaml on the docker compose
can u help with that ?
Fouine
@fouine:matrix.underworld.fr
[m]
Hello! is your Fosdem 2022 vidéo will be available in Fosdem Vidéo Recordings web site?