crowdsec/config/profiles.yaml

name: default_ip_remediation
#debug: true
filters:
 - Alert.Remediation == true && Alert.GetScope() == "Ip"
decisions:
 - type: ban
   duration: 4h
# notifications:
#   - slack_default  # Set the webhook in /etc/crowdsec/notifications/slack.yaml before enabling this.
#   - splunk_default # Set the splunk url and token in /etc/crowdsec/notifications/splunk.yaml  before enabling this.
#   - http_default # Set the required http parameters in  /etc/crowdsec/notifications/http.yaml before enabling this.
on_success: break
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`name: default_ip_remediation`
			`#debug: true`
			`filters:`
			`- Alert.Remediation == true && Alert.GetScope() == "Ip"`
			`decisions:`
			`- type: ban`
Fix documentation errors (#496) 2020-12-01 16:04:13 +00:00			`duration: 4h`
Output plugins (#878) * Add plugin system for notifications (#857) 2021-08-25 09:43:29 +00:00			`# notifications:`
			`# - slack_default # Set the webhook in /etc/crowdsec/notifications/slack.yaml before enabling this.`
			`# - splunk_default # Set the splunk url and token in /etc/crowdsec/notifications/splunk.yaml before enabling this.`
			`# - http_default # Set the required http parameters in /etc/crowdsec/notifications/http.yaml before enabling this.`
local api (#482) Co-authored-by: AlteredCoder Co-authored-by: erenJag 2020-11-30 09:37:17 +00:00			`on_success: break`