CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
Find a file
erenJag 4f9d252a15
Add the documentation into crowdsec repo (#3)
Add the documentation into crowdsec repo
2020-05-15 16:58:24 +02:00
.github actions 2020-05-15 11:41:18 +02:00
cmd rename cscli -> cwcli 2020-05-15 14:35:51 +02:00
config initial import 2020-05-15 11:39:16 +02:00
data initial import 2020-05-15 11:39:16 +02:00
docs Add the documentation into crowdsec repo (#3) 2020-05-15 16:58:24 +02:00
pkg up 2020-05-15 12:13:57 +02:00
plugins/backend initial import 2020-05-15 11:39:16 +02:00
scripts initial import 2020-05-15 11:39:16 +02:00
tests/scenario initial import 2020-05-15 11:39:16 +02:00
.gitignore Initial commit 2020-05-15 11:38:06 +02:00
go.mod initial import 2020-05-15 11:39:16 +02:00
go.sum initial import 2020-05-15 11:39:16 +02:00
LICENSE Initial commit 2020-05-15 11:38:06 +02:00
Makefile initial import 2020-05-15 11:39:16 +02:00
mkdocs.yml Add the documentation into crowdsec repo (#3) 2020-05-15 16:58:24 +02:00
README.md up doc 2020-05-15 13:00:54 +02:00
RELEASE.json bump 2020-05-15 11:52:51 +02:00
wizard.sh up 2020-05-15 12:25:34 +02:00

Go build-binary-package

About the crowdsec project

Crowdsec is an open-source and lightweight software, that reads logs from different sources (files, streams ...) to parse, normalize and enrich them before comparing them to scenarios.

Scenarios describe more or less specific attacks, ultimately allowing to report malevolent actors and take further action, such as blocking, reporting, throttling etc.

One of the advantages of Crowdsec when compared to other solutions is its crowded aspect : Meta information about detected attacks (source IP, time and triggered scenario) are sent to a central API and then shared amongst all users.

Besides detecting and stopping attacks in real time based on your logs, it allows you to preemptively block known malevolent actors from accessing your information system.

About this repository

This repository contains the code for the two main components of crowdsec :

  • crowdsec : the daemon a-la-fail2ban that can read, parse, enrich and apply heuristis to logs. This is the component in charge of "detecting" the attacks
  • cscli : the cli tool mainly used to interact with crowdsec : ban/unban/view current bans, enable/disable parsers and scenarios.