Introduction
Le but ici est simplement d’ajouter Crowdsec dans la pile Traefik afin d’augmenter la détection des attaques et d’automatiser les prises de décisions ; en fonction de chaque type d’attaque.
Quelques notions
Moteur de sécurité CrowdSecDétection locale, remédiation globaleCrowdSec Security Engine se défend contre les intrusions en analysant les journaux dans le but d’identifier et de bloquer les IP en infraction. Les IP marquées sont ensuite envoyées à la liste de blocage de la communauté pour protéger la foule.
– Crowdsec
Prérequis
Il faut avoir lu le précédent article :)
Fichiers requis
docker-compose.yml
[Fichier]
version: "3.0"
#
# updated: 2023-06-05
# stack: traefik
#
x-logging: &x-logging
logging:
driver: loki
options:
loki-url: "http://loki:3100/loki/api/v1/push"
loki-retries: "5"
loki-batch-size: "400"
x-common: &x-common
<<: *x-logging
restart: "no"
stop_grace_period: 5s
stdin_open: true
tty: true
privileged: false
security_opt:
- no-new-privileges=true
cap_drop:
- ALL
cap_add:
- KILL
dns:
- 1.1.1.1
- 8.8.8.8
- 1.0.0.1
- 8.8.4.4
ipc: "shareable"
extra_hosts:
- "template.home:192.168.0.0"
environment:
TZ: "Europe/Paris"
PUID: 1000
PGID: 1000
user: 1000:1000
labels:
com.centurylinklabs.watchtower.enable: true
logging: "promtail"
com.stack.name: "common"
com.stack.service.name: "common"
devices:
- /dev/kmsg:/dev/kmsg
deploy:
restart_policy:
delay: 5s
max_attempts: 3
window: 120s
resources:
limits:
cpus: "0.50"
memory: 256M
ulimits:
nproc: 65535
nofile:
soft: 20000
hard: 40000
tmpfs:
- /tmp:rw,noexec,nosuid,size=64k
sysctls:
net.core.somaxconn: 1024
net.ipv4.tcp_syncookies: 0
x-volume-timezone: &x-volume-timezone "/etc/timezone:/etc/timezone:ro"
x-volume-localtime: &x-volume-localtime "/etc/localtime:/etc/localtime:ro"
x-volume-docker-socket: &x-volume-docker-socket "/var/run/docker.sock:/var/run/docker.sock:rw"
x-volume-cgroups: &x-volume-cgroups "/proc/cgroups:/cgroup:rw"
x-volume-ssl: &x-volume-ssl "/opt/docker/ssl:/ssl:ro"
networks:
proxy:
external: true
services:
varnish:
<<: *x-common
user: 0:0
privileged: true
cap_add:
- DAC_OVERRIDE
- SETUID
- SETGID
- CHOWN
- NET_ADMIN
- NET_RAW
- IPC_LOCK
- MKNOD
- NET_BIND_SERVICE
- NET_BROADCAST
- SYS_ADMIN
- FSETID
- SETFCAP
- SETPCAP
- SYS_CHROOT
container_name: varnish
hostname: varnish
image: varnish:latest
restart: always
networks:
- proxy
ports:
- "8443:80"
- "9131:9131"
expose:
- "80"
- "9131"
command: "-s default,1G -n /tmp/varnish -p tcp_fastopen=on -p gzip_level=9 -p feature=+http2 -p thread_pools=8 -p thread_pool_min=128 -p thread_pool_max=1000"
environment:
VARNISH_SIZE: 1G
VARNISH_HTTP_PORT: 80
VARNISH_PROXY_PORT: 8443
labels:
com.stack.name: "traefik"
com.stack.service.name: "varnish"
deploy:
resources:
limits:
cpus: "4.0"
memory: 1G
tmpfs:
- /tmp:rw,size=512M
volumes:
- *x-volume-timezone
- *x-volume-localtime
- /opt/docker/traefik/conf/varnish.vcl:/etc/varnish/default.vcl:ro
- /mnt/varnish:/var/lib/varnish
- /mnt/varnish:/tmp/varnish
traefik:
<<: *x-common
user: 0:0
cap_add:
- DAC_OVERRIDE
- CHOWN
container_name: traefik
hostname: traefik
image: traefik:3.0
restart: always
depends_on:
- varnish
networks:
- proxy
ports:
- "80:80"
- "443:443/tcp"
- "443:443/udp"
- "6082:6082"
expose:
- "80"
- "443"
- "6082"
environment:
TZ: "Europe/Paris"
CF_API_EMAIL: [cloudflareemail]
#CF_DNS_API_TOKEN: "[cloudflare api token]"
CF_API_KEY: "[cloudflare api key]"
labels:
com.stack.name: "traefik"
com.stack.service.name: "traefik"
deploy:
resources:
limits:
cpus: "4.0"
memory: 1G
tmpfs:
- /tmp:rw,noexec,nosuid,size=512M
volumes:
- *x-volume-timezone
- *x-volume-localtime
- *x-volume-docker-socket
- *x-volume-cgroups
- *x-volume-ssl
- /opt/docker/traefik/conf/traefik.yml:/traefik.yml:ro
- /opt/docker/traefik/conf/config.yml:/config.yml:ro
- /opt/docker/traefik/datas/acme.json:/acme.json
- /opt/docker/traefik/datas/log/:/var/log/traefik/
crowdsec:
<<: *x-common
user: 0:0
cap_add:
- DAC_OVERRIDE
- CHOWN
container_name: crowdsec
hostname: crowdsec
image: crowdsecurity/crowdsec:latest
restart: always
depends_on:
- traefik
networks:
- proxy
ports:
- "8081:8080"
- "6060:6060"
expose:
- "8080"
- "6060"
environment:
GID: 1000
COLLECTIONS: "crowdsecurity/linux crowdsecurity/traefik"
labels:
com.stack.name: "traefik"
com.stack.service.name: "crowdsec"
volumes:
- *x-volume-timezone
- *x-volume-localtime
- *x-volume-docker-socket
- *x-volume-cgroups
- /opt/docker/traefik/conf/acquis.yml:/etc/crowdsec/acquis.yaml:ro
- /opt/docker/traefik/conf/crowdsec/:/etc/crowdsec/acquis.d/:ro
- /opt/docker/traefik/datas/crowdsec/db:/var/lib/crowdsec/data
- /opt/docker/traefik/datas/log/:/var/log/traefik/:ro
crowdsec-bouncer:
<<: *x-common
container_name: crowdsec-bouncer
hostname: crowdsec-bouncer
image: fbonalair/traefik-crowdsec-bouncer:latest
restart: always
depends_on:
- crowdsec
networks:
- proxy
ports:
- "8082:8080"
expose:
- "8080"
environment:
PORT: 8080
GIN_MODE: "release"
CROWDSEC_BOUNCER_API_KEY: [crowdsec bouncer api key]
CROWDSEC_AGENT_HOST: crowdsec:8081
CROWDSEC_BOUNCER_SCHEME: "http"
labels:
com.stack.name: "traefik"
com.stack.service.name: "bouncer"
volumes:
- *x-volume-timezone
- *x-volume-localtime
fail2ban:
<<: *x-common
user: 0:0
cap_add:
- NET_ADMIN
- NET_RAW
- SETGID
container_name: fail2ban
hostname: fail2ban
image: crazymax/fail2ban:latest
restart: always
depends_on:
- traefik
networks:
- proxy
environment:
F2B_DB_PURGE_AGE: "14d"
labels:
com.stack.name: "traefik"
com.stack.service.name: "fail2ban"
deploy:
resources:
limits:
cpus: "4.0"
memory: 1G
volumes:
- *x-volume-timezone
- *x-volume-localtime
- /opt/docker/traefik/datas/f2b:/data
- /opt/docker/traefik/datas/log:/var/log/traefik:ro
whoami:
<<: *x-common
container_name: whoami
hostname: whoami
image: containous/whoami:latest
restart: always
networks:
- proxy
labels:
com.stack.name: "traefik"
com.stack.service.name: "whoami"
deploy:
resources:
limits:
cpus: "4.0"
memory: 1G
volumes:
- *x-volume-timezone
- *x-volume-localtime
modsecurity:
<<: *x-common
user: 0:0
cap_add:
- DAC_OVERRIDE
- SETUID
- SETGID
- CHOWN
container_name: modsecurity
hostname: modsecurity
image: owasp/modsecurity-crs:apache
restart: always
depends_on:
- whoami
- traefik
networks:
- proxy
ports:
- "2080:80"
expose:
- "80"
environment:
PARANOIA: 1
ANOMALY_INBOUND: 10
ANOMALY_OUTBOUND: 5
BACKEND: http://whoami
LOGLEVEL: error
MODSEC_REQ_BODY_LIMIT: 1073741824
MODSEC_REQ_BODY_NOFILES_LIMIT: 1073741824
SERVER_ADMIN: [email protected]
MODSEC_AUDIT_LOG_FORMAT: "Native"
MODSEC_AUDIT_LOG_TYPE: "Concurrent"
MODSEC_AUDIT_STORAGE: /audit
labels:
com.stack.name: "traefik"
com.stack.service.name: "modsecurity"
deploy:
resources:
limits:
cpus: "4.0"
memory: 1G
tmpfs:
- /tmp:rw,noexec,nosuid,size=512M
volumes:
- *x-volume-timezone
- *x-volume-localtime
- /opt/docker/traefik/conf/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf:/etc/modsecurity.d/owasp-crs/rules/REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf
- /opt/docker/traefik/datas/modsecurity:/audit
acquis.yml
[Fichier]
# 2023-06-05
filenames:
- /var/log/traefik/*
labels:
type: traefik
Je ne détaille pas ici les autres fichiers de configurations tels que REQUEST-900-EXCLUSION-RULES-BEFORE-CRS.conf.
Mise en place
En plus des prérequis pour Traefik, Varnish, fail2ban, etc. il sera nécessaire de créer les répertoires suivants :
- conf/crowdsec
- datas/crowdsec/db
Par convention, je donne toujours l'utilisateur 1000 et le groupe 1000 aux répertoires et fichiers.
Pour calculer la clé d’API pour Crowdsec, il faut en cli utiliser la commande suivante :
docker exec crowdsec cscli bouncers add bouncer-traefik
Précisions
L’ajout de Crowdsec et du bouncer permet au système de détecter les attaques qui sont portées sur votre infrastructure et aussi la prise de décisions en automatique ; tel que le blocage de l’attaquant.
Lorsque vous ferez les tests... Ne vous auto-bloquez pas :)
Voici quelques commandes utiles pour gérer Crowdsec en cli:
Afficher les métriques :
docker exec crowdsec cscli metrics
Afficher les bannissements :
docker exec crowdsec cscli decisions list
Mettre à jour les définitions de détections d’attaques et les décisions :
docker exec crowdsec cscli hub update && docker exec crowdsec cscli hub upgrade
Bannir une adresse IP :
docker exec crowdsec cscli decisions add --ip 192.168.0.1
Exclure une IP des bans :
docker exec crowdsec cscli decisions delete --ip 192.168.0.1
Dashboard
Si vous utilisez Grafana et que vous souhaitez disposer d’un tableau de bord pour Crowdsec :
Crowdsec.json
[Fichier]
{
"annotations": {
"list": [
{
"builtIn": 1,
"datasource": {
"type": "datasource",
"uid": "grafana"
},
"enable": true,
"hide": true,
"iconColor": "rgba(0, 211, 255, 1)",
"name": "Annotations & Alerts",
"target": {
"limit": 100,
"matchAny": false,
"tags": [],
"type": "dashboard"
},
"type": "dashboard"
}
]
},
"editable": true,
"fiscalYearStartMonth": 0,
"graphTooltip": 0,
"id": 34,
"links": [
{
"asDropdown": true,
"icon": "external link",
"includeVars": false,
"keepTime": false,
"tags": [
"Zogg"
],
"targetBlank": false,
"title": "Dashboards",
"tooltip": "",
"type": "dashboards",
"url": ""
}
],
"liveNow": false,
"panels": [
{
"collapsed": false,
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 0
},
"id": 24,
"panels": [],
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"refId": "A"
}
],
"title": "Summary",
"type": "row"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [
{
"options": {
"match": "null",
"result": {
"text": "N/A"
}
},
"type": "special"
}
],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "#E02F44",
"value": null
},
{
"color": "#E02F44",
"value": 10
},
{
"color": "#299c46",
"value": 10
}
]
},
"unit": "none"
},
"overrides": []
},
"gridPos": {
"h": 3,
"w": 6,
"x": 0,
"y": 1
},
"id": 2,
"links": [],
"maxDataPoints": 100,
"options": {
"colorMode": "none",
"graphMode": "none",
"justifyMode": "auto",
"orientation": "horizontal",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"text": {},
"textMode": "auto"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(up{job=~\"crowdsec.*\"})",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Running Crowdsec",
"type": "stat"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 3,
"w": 6,
"x": 6,
"y": 1
},
"id": 36,
"options": {
"colorMode": "value",
"graphMode": "area",
"justifyMode": "auto",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"text": {},
"textMode": "auto"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(cs_active_decisions)",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Decisions Count",
"type": "stat"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 3,
"w": 12,
"x": 12,
"y": 1
},
"id": 38,
"options": {
"colorMode": "value",
"graphMode": "area",
"justifyMode": "auto",
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"text": {},
"textMode": "auto"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(cs_alerts)",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Alerts Count",
"type": "stat"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 4
},
"id": 51,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(increase(cs_filesource_hits_total{machine=\"$machine\"}[$__interval])) by (source)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(increase(cs_journalctlsource_hits_total{machine=\"$machine\"}[$__interval])) by (source)",
"hide": false,
"interval": "",
"legendFormat": "",
"refId": "B"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(increase(cs_cloudwatch_stream_hits_total{machine=\"$machine\"}[$__interval])) by (group, stream)",
"hide": false,
"interval": "",
"legendFormat": " - ",
"refId": "C"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(increase(cs_syslogsource_hits_total{machine=\"$machine\"}[$__interval])) by (source)",
"hide": false,
"interval": "",
"legendFormat": "",
"refId": "D"
}
],
"title": "Acquisition",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 4
},
"id": 10,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_parser_hits_total[$__interval])) by (machine)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Parsers",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 0,
"y": 12
},
"id": 52,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_parser_hits_ok_total{machine=\"$machine\"}[$__interval])) by (source)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Parsed lines",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 12,
"y": 12
},
"id": 53,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_parser_hits_ko_total{machine=\"$machine\"}[$__interval])) by (source)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Unparsed lines",
"type": "timeseries"
},
{
"collapsed": false,
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 21
},
"id": 30,
"panels": [],
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"refId": "A"
}
],
"title": "Alerts",
"type": "row"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 0,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "auto",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 10,
"w": 12,
"x": 0,
"y": 22
},
"id": 32,
"options": {
"legend": {
"calcs": [],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(cs_active_decisions) by (reason)",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Decisions by scenario",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 0,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "auto",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 10,
"w": 12,
"x": 12,
"y": 22
},
"id": 34,
"options": {
"legend": {
"calcs": [],
"displayMode": "list",
"placement": "bottom",
"showLegend": true
},
"tooltip": {
"mode": "single",
"sort": "none"
}
},
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "sum(cs_active_decisions) by (action)",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Decisions By Type",
"type": "timeseries"
},
{
"collapsed": false,
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 32
},
"id": 26,
"panels": [],
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"refId": "A"
}
],
"title": "Parsers",
"type": "row"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 0,
"y": 33
},
"id": 4,
"interval": "",
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_node_hits_ok_total[$__interval])) by (name)",
"format": "time_series",
"instant": false,
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Parsers ok",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 12,
"y": 33
},
"id": 6,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_node_hits_ko_total[$__interval])) by (name)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Parsers nok",
"type": "timeseries"
},
{
"collapsed": false,
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 42
},
"id": 28,
"panels": [],
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"refId": "A"
}
],
"title": "Buckets",
"type": "row"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 0,
"y": 43
},
"id": 18,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_bucket_created_total[$__interval])) by (name)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Buckets created",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 12,
"x": 12,
"y": 43
},
"id": 49,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_bucket_created_total{machine=\"$machine\"}[$__interval])) by (name)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Buckets creation",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 52
},
"id": 20,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_bucket_overflowed_total[$__interval])) by (name)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Buckets overflow",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 52
},
"id": 50,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(increase(cs_bucket_underflowed_total{machine=\"$machine\"}[$__interval])) by (name)",
"interval": "",
"intervalFactor": 2,
"legendFormat": "",
"refId": "A"
}
],
"title": "Buckets underflow",
"type": "timeseries"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "palette-classic"
},
"custom": {
"axisCenteredZero": false,
"axisColorMode": "text",
"axisLabel": "",
"axisPlacement": "auto",
"barAlignment": 0,
"drawStyle": "line",
"fillOpacity": 10,
"gradientMode": "none",
"hideFrom": {
"legend": false,
"tooltip": false,
"viz": false
},
"lineInterpolation": "linear",
"lineWidth": 1,
"pointSize": 5,
"scaleDistribution": {
"type": "linear"
},
"showPoints": "never",
"spanNulls": false,
"stacking": {
"group": "A",
"mode": "none"
},
"thresholdsStyle": {
"mode": "off"
}
},
"links": [],
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
},
"unit": "short"
},
"overrides": []
},
"gridPos": {
"h": 9,
"w": 24,
"x": 0,
"y": 60
},
"id": 22,
"options": {
"legend": {
"calcs": [
"sum"
],
"displayMode": "table",
"placement": "right",
"showLegend": true
},
"tooltip": {
"mode": "multi",
"sort": "none"
}
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"expr": "sum(cs_buckets) by (name)",
"interval": "",
"intervalFactor": 1,
"legendFormat": "",
"refId": "A"
}
],
"title": "Buckets Timeline",
"type": "timeseries"
},
{
"collapsed": false,
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 69
},
"id": 39,
"panels": [],
"title": "Agents",
"type": "row"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 70
},
"id": 40,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "vertical",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"showUnfilled": false,
"text": {},
"valueMode": "color"
},
"pluginVersion": "9.5.2",
"repeat": "query0",
"repeatDirection": "h",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "cs_lapi_request_duration_seconds_bucket{endpoint=\"/v1/watchers/login\", machine=\"$lapi\"}",
"format": "heatmap",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Agents Login",
"type": "bargauge"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
}
]
},
"unit": "none"
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 70
},
"id": 41,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"showUnfilled": false,
"text": {},
"valueMode": "color"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "cs_lapi_request_duration_seconds_bucket{endpoint=\"/v1/heartbeat\",machine=\"$lapi\"}",
"format": "heatmap",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Heartbeat",
"type": "bargauge"
},
{
"collapsed": false,
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 78
},
"id": 42,
"panels": [],
"title": "Decisions",
"type": "row"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 79
},
"id": 43,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"showUnfilled": false,
"text": {},
"valueMode": "color"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
\"expr\": \"cs\_lapi\_request\_duration\_seconds\_bucket{endpoint= \"/v1/decisions\", machine=\"\$lapi\", method=~\"\(GET)|\(HEAD)\"}\",
"format": "heatmap",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Decisions GET (live)",
"type": "bargauge"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 79
},
"id": 44,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"showUnfilled": false,
"text": {},
"valueMode": "color"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
\"expr\": \"cs\_lapi\_request\_duration\_seconds\_bucket{endpoint= \"/v1/decisions/stream\", machine=\"\$lapi\", method=~\"\(GET)|\(HEAD)\"}\",
"format": "heatmap",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Decisions GET (stream)",
"type": "bargauge"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green",
"value": null
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 6,
"w": 24,
"x": 0,
"y": 87
},
"id": 45,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"showUnfilled": false,
"text": {},
"valueMode": "color"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "cs_lapi_request_duration_seconds_bucket{endpoint=~\"/v1/decisions.*\", machine=\"$lapi\", method=\"DELETE\"}",
"format": "heatmap",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Decisions DELETE",
"type": "bargauge"
},
{
"collapsed": false,
"gridPos": {
"h": 1,
"w": 24,
"x": 0,
"y": 93
},
"id": 46,
"panels": [],
"title": "Alerts",
"type": "row"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green"
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 0,
"y": 94
},
"id": 47,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"showUnfilled": false,
"text": {},
"valueMode": "color"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
"expr": "cs_lapi_request_duration_seconds_bucket{endpoint=\"/v1/alerts\",machine=\"$lapi\",method=\"POST\"}",
"format": "heatmap",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Alerts POST",
"type": "bargauge"
},
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"fieldConfig": {
"defaults": {
"color": {
"mode": "thresholds"
},
"mappings": [],
"thresholds": {
"mode": "absolute",
"steps": [
{
"color": "green"
},
{
"color": "red",
"value": 80
}
]
}
},
"overrides": []
},
"gridPos": {
"h": 8,
"w": 12,
"x": 12,
"y": 94
},
"id": 48,
"options": {
"displayMode": "gradient",
"minVizHeight": 10,
"minVizWidth": 0,
"orientation": "auto",
"reduceOptions": {
"calcs": [
"lastNotNull"
],
"fields": "",
"values": false
},
"showUnfilled": false,
"text": {},
"valueMode": "color"
},
"pluginVersion": "9.5.2",
"targets": [
{
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"exemplar": true,
\"expr\": \"cs\_lapi\_request\_duration\_seconds\_bucket{endpoint=\"/v1/alerts\",machine=\"\$lapi\",method=~\"\(GET)|\(HEAD)\"}\",
"format": "heatmap",
"interval": "",
"legendFormat": "",
"refId": "A"
}
],
"title": "Alerts GET",
"type": "bargauge"
}
],
"refresh": "5m",
"schemaVersion": 38,
"style": "dark",
"tags": [
"Zogg",
"Prometheus",
"Crowdsec"
],
"templating": {
"list": [
{
"current": {
"isNone": true,
"selected": false,
"text": "None",
"value": ""
},
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"definition": "label_values(cs_info,machine)",
"hide": 0,
"includeAll": false,
"multi": false,
"name": "lapi",
"options": [],
"query": {
"query": "label_values(cs_info,machine)",
"refId": "PrometheusVariableQueryEditor-VariableQuery"
},
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"type": "query"
},
{
"current": {
"isNone": true,
"selected": false,
"text": "None",
"value": ""
},
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"definition": "label_values(up,machine)",
"hide": 0,
"includeAll": false,
"label": "machine",
"multi": false,
"name": "machine",
"options": [],
"query": {
"query": "label_values(up,machine)",
"refId": "PrometheusVariableQueryEditor-VariableQuery"
},
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"type": "query"
},
{
"current": {
"selected": false,
"text": "file",
"value": "file"
},
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"definition": "label_values(cs_parsing_time_seconds_bucket{machine=\"$machine\"},type)",
"hide": 0,
"includeAll": false,
"multi": false,
"name": "datasource_type",
"options": [],
"query": {
"query": "label_values(cs_parsing_time_seconds_bucket{machine=\"$machine\"},type)",
"refId": "PrometheusVariableQueryEditor-VariableQuery"
},
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"type": "query"
},
{
"current": {
"selected": false,
"text": "/var/log/traefik/access.log",
"value": "/var/log/traefik/access.log"
},
"datasource": {
"type": "prometheus",
"uid": "PAE45454D0EDB9216"
},
"definition": "label_values(cs_parsing_time_seconds_bucket{machine=\"$machine\", type=\"$datasource_type\"},source)",
"hide": 0,
"includeAll": false,
"multi": false,
"name": "source",
"options": [],
"query": {
"query": "label_values(cs_parsing_time_seconds_bucket{machine=\"$machine\", type=\"$datasource_type\"},source)",
"refId": "PrometheusVariableQueryEditor-VariableQuery"
},
"refresh": 1,
"regex": "",
"skipUrlSync": false,
"sort": 0,
"type": "query"
}
]
},
"time": {
"from": "now-1h",
"to": "now"
},
"timepicker": {
"refresh_intervals": [
"5s",
"10s",
"30s",
"1m",
"5m",
"15m",
"30m",
"1h",
"2h",
"1d"
]
},
"timezone": "",
"title": "CrowdSec",
"uid": "ZOGG0014",
"version": 18,
"weekStart": ""
}
Et pour récupérer les informations, il vous sera nécessaire de déclarer un scraper dans Prometheus :
- job_name: "crowdsec"
honor_timestamps: true
honor_labels: true
scrape_interval: 15s
scrape_timeout: 10s
static_configs:
- targets: ["[adresse ip]:6060"]
labels:
alias: Crowdsec
ip: [adresse ip]
Conclusion
Avec Crowdsec, vous sécurisez d’avantage votre homelab…
Et pas qu’un peu :
Nous avons là les statistiques de mitigation uniquement sur une période de 48h...