impulsivefps
/
LemonSec
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
LemonSec/crowdsec/acquis.yaml

25 lines
456 B
YAML
Raw Blame History

# CrowdSec acquisition configuration
# This tells CrowdSec where to find logs to analyze
filenames:
# Traefik access logs
- /var/log/traefik/access.log
# Traefik application logs
- /var/log/traefik/traefik.log
labels:
type: traefik
---
# System authentication logs (if available)
filenames:
- /var/log/auth.log
labels:
type: syslog
---
# Journald (if running on host)
journald_filter:
- "SYSLOG_IDENTIFIER=sshd"
labels:
type: syslog
Reference in New Issue View Git Blame Copy Permalink