  1. Check if lapi needs to register an additional agent
  2.  
  3. sqlite database permissions updated
  4.  
  5. time="25-08-2023 09:55:29" level=info msg="hub index is up to date"
  6.  
  7. time="25-08-2023 09:55:29" level=info msg="Wrote new 812062 bytes index to /etc/crowdsec/hub/.index.json"
  8.  
  9. time="25-08-2023 09:55:29" level=info msg="dependency of crowdsecurity/sshd : outdated parsers crowdsecurity/sshd-logs"
  10.  
  11. time="25-08-2023 09:55:29" level=info msg="dependency of crowdsecurity/linux : sub collection crowdsecurity/sshd is broken : outdated parsers crowdsecurity/sshd-logs"
  12.  
  13. Running: cscli collections upgrade "crowdsecurity/linux"
  14.  
  15. time="25-08-2023 09:55:30" level=info msg="crowdsecurity/linux : up-to-date"
  16.  
  17. time="25-08-2023 09:55:30" level=info msg="Item 'crowdsecurity/linux' is up-to-date"
  18.  
  19. time="25-08-2023 09:55:30" level=info msg="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
  20.  
  21. Running: cscli parsers upgrade "crowdsecurity/whitelists"
  22.  
  23. time="25-08-2023 09:55:31" level=info msg="crowdsecurity/whitelists : up-to-date"
  24.  
  25. time="25-08-2023 09:55:31" level=info msg="Item 'crowdsecurity/whitelists' is up-to-date"
  26.  
  27. time="25-08-2023 09:55:31" level=info msg="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
  28.  
  29. Running: cscli parsers install "crowdsecurity/docker-logs"
  30.  
  31. time="25-08-2023 09:55:33" level=warning msg="crowdsecurity/docker-logs : overwrite"
  32.  
  33. time="25-08-2023 09:55:33" level=info msg="Enabled crowdsecurity/docker-logs"
  34.  
  35. time="25-08-2023 09:55:33" level=info msg="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
  36.  
  37. Running: cscli parsers install "crowdsecurity/cri-logs"
  38.  
  39. time="25-08-2023 09:55:34" level=warning msg="crowdsecurity/cri-logs : overwrite"
  40.  
  41. time="25-08-2023 09:55:34" level=info msg="Enabled crowdsecurity/cri-logs"
  42.  
  43. time="25-08-2023 09:55:34" level=info msg="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
  44.  
  45. Running: cscli collections install "crowdsecurity/nginx"
  46.  
  47. time="25-08-2023 09:55:35" level=warning msg="crowdsecurity/nginx-logs : overwrite"
  48.  
  49. time="25-08-2023 09:55:35" level=warning msg="crowdsecurity/nginx-req-limit-exceeded : overwrite"
  50.  
  51. time="25-08-2023 09:55:35" level=warning msg="crowdsecurity/http-logs : overwrite"
  52.  
  53. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-crawl-non_statics : overwrite"
  54.  
  55. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-probing : overwrite"
  56.  
  57. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-bad-user-agent : overwrite"
  58.  
  59. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-path-traversal-probing : overwrite"
  60.  
  61. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-sensitive-files : overwrite"
  62.  
  63. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-sqli-probing : overwrite"
  64.  
  65. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-xss-probing : overwrite"
  66.  
  67. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-backdoors-attempts : overwrite"
  68.  
  69. time="25-08-2023 09:55:36" level=warning msg="ltsich/http-w00tw00t : overwrite"
  70.  
  71. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-generic-bf : overwrite"
  72.  
  73. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-open-proxy : overwrite"
  74.  
  75. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-cve-2021-41773 : overwrite"
  76.  
  77. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-cve-2021-42013 : overwrite"
  78.  
  79. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/grafana-cve-2021-43798 : overwrite"
  80.  
  81. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/vmware-vcenter-vmsa-2021-0027 : overwrite"
  82.  
  83. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/fortinet-cve-2018-13379 : overwrite"
  84.  
  85. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/pulse-secure-sslvpn-cve-2019-11510 : overwrite"
  86.  
  87. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/f5-big-ip-cve-2020-5902 : overwrite"
  88.  
  89. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/thinkphp-cve-2018-20062 : overwrite"
  90.  
  91. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/apache_log4j2_cve-2021-44228 : overwrite"
  92.  
  93. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/jira_cve-2021-26086 : overwrite"
  94.  
  95. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/spring4shell_cve-2022-22965 : overwrite"
  96.  
  97. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/vmware-cve-2022-22954 : overwrite"
  98.  
  99. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-37042 : overwrite"
  100.  
  101. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-41082 : overwrite"
  102.  
  103. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-35914 : overwrite"
  104.  
  105. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-40684 : overwrite"
  106.  
  107. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-26134 : overwrite"
  108.  
  109. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-42889 : overwrite"
  110.  
  111. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-41697 : overwrite"
  112.  
  113. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-46169 : overwrite"
  114.  
  115. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2022-44877 : overwrite"
  116.  
  117. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/CVE-2019-18935 : overwrite"
  118.  
  119. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/netgear_rce : overwrite"
  120.  
  121. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-cve : overwrite"
  122.  
  123. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/http-cve : overwrite"
  124.  
  125. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/base-http-scenarios : overwrite"
  126.  
  127. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/base-http-scenarios : overwrite"
  128.  
  129. time="25-08-2023 09:55:36" level=warning msg="crowdsecurity/nginx : overwrite"
  130.  
  131. time="25-08-2023 09:55:36" level=info msg="/etc/crowdsec/collections/http-cve.yaml already exists."
  132.  
  133. time="25-08-2023 09:55:36" level=info msg="/etc/crowdsec/collections/base-http-scenarios.yaml already exists."
  134.  
  135. time="25-08-2023 09:55:36" level=info msg="/etc/crowdsec/collections/nginx.yaml already exists."
  136.  
  137. time="25-08-2023 09:55:36" level=info msg="Enabled crowdsecurity/nginx"
  138.  
  139. time="25-08-2023 09:55:36" level=info msg="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
  140.  
  141. Running: cscli collections install "crowdsecurity/http-cve"
  142.  
  143. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/http-cve-2021-41773 : overwrite"
  144.  
  145. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/http-cve-2021-42013 : overwrite"
  146.  
  147. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/grafana-cve-2021-43798 : overwrite"
  148.  
  149. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/vmware-vcenter-vmsa-2021-0027 : overwrite"
  150.  
  151. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/fortinet-cve-2018-13379 : overwrite"
  152.  
  153. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/pulse-secure-sslvpn-cve-2019-11510 : overwrite"
  154.  
  155. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/f5-big-ip-cve-2020-5902 : overwrite"
  156.  
  157. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/thinkphp-cve-2018-20062 : overwrite"
  158.  
  159. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/apache_log4j2_cve-2021-44228 : overwrite"
  160.  
  161. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/jira_cve-2021-26086 : overwrite"
  162.  
  163. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/spring4shell_cve-2022-22965 : overwrite"
  164.  
  165. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/vmware-cve-2022-22954 : overwrite"
  166.  
  167. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-37042 : overwrite"
  168.  
  169. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-41082 : overwrite"
  170.  
  171. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-35914 : overwrite"
  172.  
  173. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-40684 : overwrite"
  174.  
  175. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-26134 : overwrite"
  176.  
  177. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-42889 : overwrite"
  178.  
  179. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-41697 : overwrite"
  180.  
  181. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-46169 : overwrite"
  182.  
  183. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2022-44877 : overwrite"
  184.  
  185. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/CVE-2019-18935 : overwrite"
  186.  
  187. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/netgear_rce : overwrite"
  188.  
  189. time="25-08-2023 09:55:38" level=warning msg="crowdsecurity/http-cve : overwrite"
  190.  
  191. time="25-08-2023 09:55:38" level=info msg="/etc/crowdsec/collections/http-cve.yaml already exists."
  192.  
  193. time="25-08-2023 09:55:38" level=info msg="Enabled crowdsecurity/http-cve"
  194.  
  195. time="25-08-2023 09:55:38" level=info msg="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
  196.  
  197. Running: cscli collections install "crowdsecurity/whitelist-good-actors"
  198.  
  199. time="25-08-2023 09:55:40" level=warning msg="crowdsecurity/seo-bots-whitelist : overwrite"
  200.  
  201. time="25-08-2023 09:55:40" level=warning msg="crowdsecurity/cdn-whitelist : overwrite"
  202.  
  203. time="25-08-2023 09:55:40" level=warning msg="crowdsecurity/rdns : overwrite"
  204.  
  205. time="25-08-2023 09:55:40" level=warning msg="crowdsecurity/whitelist-good-actors : overwrite"
  206.  
  207. time="25-08-2023 09:55:40" level=info msg="/etc/crowdsec/collections/whitelist-good-actors.yaml already exists."
  208.  
  209. time="25-08-2023 09:55:40" level=info msg="Enabled crowdsecurity/whitelist-good-actors"
  210.  
  211. time="25-08-2023 09:55:40" level=info msg="Run 'sudo systemctl reload crowdsec' for the new configuration to be effective."
  212.  
  213. time="25-08-2023 09:55:40" level=warning msg="can't load CAPI credentials from '/etc/crowdsec//online_api_credentials.yaml' (missing field)"
  214.  
  215. time="25-08-2023 09:55:40" level=info msg="push and pull to Central API disabled"
  216.  
  217. time="25-08-2023 09:55:40" level=warning msg="can't load CAPI credentials from '/etc/crowdsec//online_api_credentials.yaml' (missing field)"
  218.  
  219. time="25-08-2023 09:55:40" level=info msg="push and pull to Central API disabled"
  220.  
  221. time="25-08-2023 09:55:40" level=info msg="Enabled feature flags: <none>"
  222.  
  223. time="25-08-2023 09:55:40" level=info msg="Crowdsec v1.5.2-4fbc3402fba932c8bd34b671527dcf7909d264c0"
  224.  
  225. time="25-08-2023 09:55:40" level=info msg="Loading prometheus collectors"
  226.  
  227. time="25-08-2023 09:55:40" level=warning msg="Communication with CrowdSec Central API disabled from configuration file"
  228.  
  229. time="25-08-2023 09:55:40" level=info msg="push and pull to Central API disabled"
  230.  
  231. time="25-08-2023 09:55:40" level=info msg="CrowdSec Local API listening on 0.0.0.0:8080"
  232.  
  233. time="25-08-2023 09:55:40" level=info msg="Loading grok library /etc/crowdsec/patterns"
  234.  
  235. time="25-08-2023 09:55:41" level=info msg="Loading enrich plugins"
  236.  
  237. time="25-08-2023 09:55:41" level=info msg="Successfully registered enricher 'GeoIpCity'"
  238.  
  239. time="25-08-2023 09:55:41" level=info msg="Successfully registered enricher 'GeoIpASN'"
  240.  
  241. time="25-08-2023 09:55:41" level=info msg="Successfully registered enricher 'IpToRange'"
  242.  
  243. time="25-08-2023 09:55:41" level=info msg="Successfully registered enricher 'reverse_dns'"
  244.  
  245. time="25-08-2023 09:55:41" level=info msg="Successfully registered enricher 'ParseDate'"
  246.  
  247. time="25-08-2023 09:55:41" level=info msg="Successfully registered enricher 'UnmarshalJSON'"
  248.  
  249. time="25-08-2023 09:55:41" level=info msg="Loading parsers from 9 files"
  250.  
  251. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s00-raw/cri-logs.yaml stage=s00-raw
  252.  
  253. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s00-raw/docker-logs.yaml stage=s00-raw
  254.  
  255. time="25-08-2023 09:55:41" level=info msg="Loaded 2 parser nodes" file=/etc/crowdsec/parsers/s00-raw/syslog-logs.yaml stage=s00-raw
  256.  
  257. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s01-parse/nginx-logs.yaml stage=s01-parse
  258.  
  259. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s01-parse/sshd-logs.yaml stage=s01-parse
  260.  
  261. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s02-enrich/dateparse-enrich.yaml stage=s02-enrich
  262.  
  263. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s02-enrich/geoip-enrich.yaml stage=s02-enrich
  264.  
  265. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s02-enrich/http-logs.yaml stage=s02-enrich
  266.  
  267. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/parsers/s02-enrich/whitelists.yaml stage=s02-enrich
  268.  
  269. time="25-08-2023 09:55:41" level=info msg="Loaded 10 nodes from 3 stages"
  270.  
  271. time="25-08-2023 09:55:41" level=info msg="Loading postoverflow parsers"
  272.  
  273. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/postoverflows/s00-enrich/rdns.yaml stage=s00-enrich
  274.  
  275. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/postoverflows/s01-whitelist/cdn-whitelist.yaml stage=s01-whitelist
  276.  
  277. time="25-08-2023 09:55:41" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/postoverflows/s01-whitelist/seo-bots-whitelist.yaml stage=s01-whitelist
  278.  
  279. time="25-08-2023 09:55:41" level=info msg="Loaded 3 nodes from 2 stages"
  280.  
  281. time="25-08-2023 09:55:41" level=info msg="Loading 37 scenario files"
  282.  
  283. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=dawn-feather file=/etc/crowdsec/scenarios/http-xss-probing.yaml name=crowdsecurity/http-xss-probbing
  284.  
  285. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=young-dawn file=/etc/crowdsec/scenarios/http-sqli-probing.yaml name=crowdsecurity/http-sqli-probbing-detection
  286.  
  287. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=falling-hill file=/etc/crowdsec/scenarios/vmware-vcenter-vmsa-2021-0027.yaml name=crowdsecurity/vmware-vcenter-vmsa-2021-0027
  288.  
  289. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=lively-dawn file=/etc/crowdsec/scenarios/http-open-proxy.yaml name=crowdsecurity/http-open-proxy
  290.  
  291. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=lively-glitter file=/etc/crowdsec/scenarios/spring4shell_cve-2022-22965.yaml name=crowdsecurity/spring4shell_cve-2022-22965
  292.  
  293. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=muddy-smoke file=/etc/crowdsec/scenarios/CVE-2022-26134.yaml name=crowdsecurity/CVE-2022-26134
  294.  
  295. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=quiet-waterfall file=/etc/crowdsec/scenarios/ssh-bf.yaml name=crowdsecurity/ssh-bf
  296.  
  297. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=icy-water file=/etc/crowdsec/scenarios/ssh-bf.yaml name=crowdsecurity/ssh-bf_user-enum
  298.  
  299. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=dry-forest file=/etc/crowdsec/scenarios/netgear_rce.yaml name=crowdsecurity/netgear_rce
  300.  
  301. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=withered-rain file=/etc/crowdsec/scenarios/CVE-2019-18935.yaml name=crowdsecurity/CVE-2019-18935
  302.  
  303. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=holy-shape file=/etc/crowdsec/scenarios/fortinet-cve-2018-13379.yaml name=crowdsecurity/fortinet-cve-2018-13379
  304.  
  305. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=cool-sun file=/etc/crowdsec/scenarios/http-sensitive-files.yaml name=crowdsecurity/http-sensitive-files
  306.  
  307. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=falling-leaf file=/etc/crowdsec/scenarios/ssh-slow-bf.yaml name=crowdsecurity/ssh-slow-bf
  308.  
  309. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=green-butterfly file=/etc/crowdsec/scenarios/ssh-slow-bf.yaml name=crowdsecurity/ssh-slow-bf_user-enum
  310.  
  311. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=muddy-frost file=/etc/crowdsec/scenarios/f5-big-ip-cve-2020-5902.yaml name=crowdsecurity/f5-big-ip-cve-2020-5902
  312.  
  313. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=white-butterfly file=/etc/crowdsec/scenarios/http-backdoors-attempts.yaml name=crowdsecurity/http-backdoors-attempts
  314.  
  315. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=winter-haze file=/etc/crowdsec/scenarios/CVE-2022-46169.yaml name=crowdsecurity/CVE-2022-46169-bf
  316.  
  317. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=dry-frog file=/etc/crowdsec/scenarios/CVE-2022-46169.yaml name=crowdsecurity/CVE-2022-46169-cmd
  318.  
  319. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=little-breeze file=/etc/crowdsec/scenarios/http-cve-2021-42013.yaml name=crowdsecurity/http-cve-2021-42013
  320.  
  321. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=dry-wind file=/etc/crowdsec/scenarios/http-w00tw00t.yaml name=ltsich/http-w00tw00t
  322.  
  323. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=nameless-pine file=/etc/crowdsec/scenarios/CVE-2022-44877.yaml name=crowdsecurity/CVE-2022-44877
  324.  
  325. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=solitary-smoke file=/etc/crowdsec/scenarios/CVE-2022-41697.yaml name=crowdsecurity/CVE-2022-41697
  326.  
  327. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=broken-brook file=/etc/crowdsec/scenarios/vmware-cve-2022-22954.yaml name=crowdsecurity/vmware-cve-2022-22954
  328.  
  329. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=fragrant-resonance file=/etc/crowdsec/scenarios/jira_cve-2021-26086.yaml name=crowdsecurity/jira_cve-2021-26086
  330.  
  331. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=nameless-water file=/etc/crowdsec/scenarios/http-generic-bf.yaml name=crowdsecurity/http-generic-bf
  332.  
  333. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=misty-bush file=/etc/crowdsec/scenarios/http-generic-bf.yaml name=LePresidente/http-generic-401-bf
  334.  
  335. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=cold-firefly file=/etc/crowdsec/scenarios/http-generic-bf.yaml name=LePresidente/http-generic-403-bf
  336.  
  337. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=rough-moon file=/etc/crowdsec/scenarios/nginx-req-limit-exceeded.yaml name=crowdsecurity/nginx-req-limit-exceeded
  338.  
  339. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=dark-shadow file=/etc/crowdsec/scenarios/apache_log4j2_cve-2021-44228.yaml name=crowdsecurity/apache_log4j2_cve-2021-44228
  340.  
  341. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=solitary-flower file=/etc/crowdsec/scenarios/http-path-traversal-probing.yaml name=crowdsecurity/http-path-traversal-probing
  342.  
  343. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=snowy-thunder file=/etc/crowdsec/scenarios/http-crawl-non_statics.yaml name=crowdsecurity/http-crawl-non_statics
  344.  
  345. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=throbbing-brook file=/etc/crowdsec/scenarios/CVE-2022-40684.yaml name=crowdsecurity/fortinet-cve-2022-40684
  346.  
  347. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=damp-sun file=/etc/crowdsec/scenarios/CVE-2022-42889.yaml name=crowdsecurity/CVE-2022-42889
  348.  
  349. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=proud-cloud file=/etc/crowdsec/scenarios/thinkphp-cve-2018-20062.yaml name=crowdsecurity/thinkphp-cve-2018-20062
  350.  
  351. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=small-frog file=/etc/crowdsec/scenarios/pulse-secure-sslvpn-cve-2019-11510.yaml name=crowdsecurity/pulse-secure-sslvpn-cve-2019-11510
  352.  
  353. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=dark-fog file=/etc/crowdsec/scenarios/CVE-2022-35914.yaml name=crowdsecurity/CVE-2022-35914
  354.  
  355. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=dawn-sunset file=/etc/crowdsec/scenarios/http-bad-user-agent.yaml name=crowdsecurity/http-bad-user-agent
  356.  
  357. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=polished-sun file=/etc/crowdsec/scenarios/CVE-2022-41082.yaml name=crowdsecurity/CVE-2022-41082
  358.  
  359. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=young-forest file=/etc/crowdsec/scenarios/grafana-cve-2021-43798.yaml name=crowdsecurity/grafana-cve-2021-43798
  360.  
  361. time="25-08-2023 09:55:41" level=info msg="Adding leaky bucket" cfg=black-pine file=/etc/crowdsec/scenarios/http-probing.yaml name=crowdsecurity/http-probing
  362.  
  363. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=frosty-breeze file=/etc/crowdsec/scenarios/http-cve-2021-41773.yaml name=crowdsecurity/http-cve-2021-41773
  364.  
  365. time="25-08-2023 09:55:41" level=info msg="Adding trigger bucket" cfg=frosty-dawn file=/etc/crowdsec/scenarios/CVE-2022-37042.yaml name=crowdsecurity/CVE-2022-37042
  366.  
  367. time="25-08-2023 09:55:41" level=warning msg="Loaded 42 scenarios"
  368.  
  369. time="25-08-2023 09:55:41" level=info msg="loading acquisition file : /etc/crowdsec/acquis.yaml"
  370.  
  371. time="25-08-2023 09:55:41" level=warning msg="No matching files for pattern /var/log/nginx/*.log" type=file
  372.  
  373. time="25-08-2023 09:55:41" level=warning msg="No matching files for pattern ./tests/nginx/nginx.log" type=file
  374.  
  375. time="25-08-2023 09:55:41" level=warning msg="No matching files for pattern /var/log/auth.log" type=file
  376.  
  377. time="25-08-2023 09:55:41" level=info msg="Adding file /var/log/syslog to datasources" type=file
  378.  
  379. time="25-08-2023 09:55:41" level=warning msg="No matching files for pattern /var/log/apache2/*.log" type=file
  380.  
  381. time="25-08-2023 09:55:41" level=info msg="Starting processing data"
  382.  
  383. time="25-08-2023 09:55:41" level=warning msg="/var/log/syslog is a directory, ignoring it." type=file
  384.  
  385. time="25-08-2023 09:55:41" level=info msg="127.0.0.1 - [Fri, 25 Aug 2023 09:55:41 UTC] \"POST /v1/watchers/login HTTP/1.1 200 126.000488ms \"crowdsec/v1.5.2-4fbc3402fba932c8bd34b671527dcf7909d264c0\" \""
  386.  
  387. time="25-08-2023 09:56:41" level=info msg="127.0.0.1 - [Fri, 25 Aug 2023 09:56:41 UTC] \"GET /v1/heartbeat HTTP/1.1 200 32.28204ms \"crowdsec/v1.5.2-4fbc3402fba932c8bd34b671527dcf7909d264c0\" \""