Messages

1

Intrusion Detection and Prevention / Re: Crowdsec whitelist

« on: November 29, 2023, 04:40:21 pm »

I've never used Crowdsec before so this may not be the best solution, but what I did was run

Code: [Select]

cscli parsers install crowdsecurity/whitelistswhich creates a whitelist.yaml file in
/usr/local/etc/crowdsec/hub/parsers/s02-enrich/crowdsecurity
then I edited that file to whatever I desire. After restarting Crowdsec it shows as 'enabled,tainted' but I guess 'tainted' just means the default auto-generated config was updated. It seems to be working