From 95400086ea67e77ea0526c4e2c432a18cbc5cb15 Mon Sep 17 00:00:00 2001 From: Thibault bui Koechlin Date: Mon, 20 Jul 2020 16:30:03 +0200 Subject: [PATCH] make doc more explicitit on initial collection install --- docs/getting_started/crowdsec-tour.md | 12 ++++++++++-- docs/index.md | 4 ++-- mkdocs.yml | 12 ++++++------ 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/docs/getting_started/crowdsec-tour.md b/docs/getting_started/crowdsec-tour.md index fdc972e5c..5be76b0e5 100644 --- a/docs/getting_started/crowdsec-tour.md +++ b/docs/getting_started/crowdsec-tour.md @@ -2,9 +2,17 @@ ## Finding configurations -As stated, {{crowdsec.name}} efficiency is dictated by installed parsers and scenarios. +{{crowdsec.Name}} efficiency is dictated by installed parsers and scenarios, so [take a look at the {{hub.name}}]({{hub.url}}) to find the appropriated ones ! -[Please take a look at the {{hub.name}}]({{hub.url}}) to find the appropriated ones ! +If you didn't perform the setup with the wizard, or if you are reading logs from other machines, you will have to pick the right {{collections.htmlname}}. This will ensure that {{crowdsec.name}} can parse the logs and has the corresponding scenarios. + +For example, if you're processing [nginx](http://nginx.org) logs, you might want to install the [nginx collection](https://hub.crowdsec.net/author/crowdsecurity/collections/nginx). + +A collection can be installed by typing `cscli install collection crowdsecurity/nginx`, and provides all the necessary parsers and scenarios to handle said log source. `systemctl reload crowdsec` to ensure the new scenarios are loaded. + +In the same spirit, the [crowdsecurity/sshd](https://hub.crowdsec.net/author/crowdsecurity/collections/sshd)'s collection will fit most sshd setups ! + +While {{crowdsec.name}} is running, a quick look at [`cscli metrics`](/observability/metrics/) should help you ensure that your log sources are correctly parsed. ## List installed configurations 
diff --git a/docs/index.md b/docs/index.md index 2b3c76686..4e2b27495 100644 --- a/docs/index.md +++ b/docs/index.md @@ -17,9 +17,9 @@ Besides detecting and stopping attacks in real time based on your logs, it allow ## Components -{{crowdsec.name}} ecosystem is based on the following tools : +{{crowdsec.name}} ecosystem is based on the following components : - - {{crowdsec.name}} is the "service" that runs in the background, processes logs and keeps track of attacks + - {{crowdsec.name}} is the lightweight service that processes logs and keeps track of attacks. - [{{cli.name}}]({{cli.main_doc}}) is the command line interface for humans, it allows you to view, add, or remove bans as well as to install, find ,or update scenarios and parsers - [{{blockers.name}}]({{hub.plugins_url}}) are the components that block malevolent traffic, and can be deployed anywhere in your stack diff --git a/mkdocs.yml b/mkdocs.yml index eede641e5..16e41d02d 100644 --- a/mkdocs.yml +++ b/mkdocs.yml 
@@ -39,18 +39,18 @@ nav: - Nginx: - Installation : "https://github.com/crowdsecurity/cs-nginx-blocker#installation" - Configuration : "https://github.com/crowdsecurity/cs-nginx-blocker#configuration" - - Wordpress: - - Installation : "https://github.com/crowdsecurity/cs-wordpress-plugin/#installation" - - Configuration : "https://github.com/crowdsecurity/cs-wordpress-plugin/#configuration" - Netfilter: - Installation : "https://github.com/crowdsecurity/cs-netfilter-blocker#installation" - Configuration : "https://github.com/crowdsecurity/cs-netfilter-blocker#configuration" - - Cloudflare: - - Installation: "https://github.com/crowdsecurity/cs-cloudflare-blocker#installation" - - Configuration: "https://github.com/crowdsecurity/cs-cloudflare-blocker#configuration" - Custom: - Installation: "https://github.com/crowdsecurity/cs-custom-blocker#installation" - Configuration: "https://github.com/crowdsecurity/cs-custom-blocker#configuration" + - Cloudflare: + - Installation: "https://github.com/crowdsecurity/cs-cloudflare-blocker#installation" + - Configuration: "https://github.com/crowdsecurity/cs-cloudflare-blocker#configuration" + - Wordpress: + - Installation : "https://github.com/crowdsecurity/cs-wordpress-plugin/#installation" + - Configuration : "https://github.com/crowdsecurity/cs-wordpress-plugin/#configuration" - Contributing: contributing/ - Cscli commands: - API: cscli/cscli_api.md
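Review bot: in docs/getting_started/crowdsec-tour.md, the added sentence "`systemctl reload crowdsec` to ensure the new scenarios are loaded." has no verb and reads as a fragment right after the install command; suggest "Then run `systemctl reload crowdsec` so the new scenarios are loaded." The first added line also uses `{{crowdsec.Name}}` while the rest of the hunk uses `{{crowdsec.name}}`, so please confirm the capitalised variable is defined for the docs build. Two wording nits in the same hunk: "appropriated ones" should be "appropriate ones", and "the crowdsecurity/sshd's collection" reads better as "the crowdsecurity/sshd collection".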
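Review bot: in docs/index.md, the rewritten first bullet under Components now ends with a period ("processes logs and keeps track of attacks.") while the two bullets after it have none; drop the period or punctuate all three the same way. The unchanged {{cli.name}} bullet just below still contains "find ,or update", which could be corrected in the same pass since this list is being touched anyway.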
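Review bot: the mkdocs.yml hunk only reorders nav entries (Wordpress and Cloudflare move below Custom), which the commit subject about the initial collection install does not cover; mention the reorder in the commit message or split it into its own commit so the history explains why the order changed. The moved entries also keep the mixed key spacing (`Installation :` for Wordpress, `Installation:` for Cloudflare and Custom); since the lines are being rewritten, this is a good place to settle on one form.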