New packages:
- secubox-crowdsec-setup: Automated installation script with:
  - Prerequisites verification (RAM, flash, OpenWrt version)
  - syslog-ng4 configuration for log forwarding
  - CAPI registration and hub setup
  - nftables firewall bouncer configuration
  - Backup/rollback, repair, and uninstall modes
- luci-app-secubox-crowdsec: LuCI dashboard with:
  - Service status and statistics dashboard
  - Active decisions (bans) management
  - Security alerts viewer
  - Collections and bouncers management
  - UCI-based settings configuration

Enhanced existing packages:
- luci-app-crowdsec-dashboard: Added acquisition configuration wizard
- secubox-app-crowdsec: Improved defaults and configuration

Documentation:
- CROWDSEC-OPENWRT-24.md with architecture, installation, and troubleshooting

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
30 lines
825 B
YAML
# OpenWrt uHTTPd Web Server Acquisition
# This configuration monitors uHTTPd access/error logs
#
# By default, uHTTPd logs to syslog. To enable file-based logging,
# configure uHTTPd in /etc/config/uhttpd:
#
#   config uhttpd 'main'
#     option access_log '/var/log/uhttpd/access.log'
#     option error_log '/var/log/uhttpd/error.log'
#
# Required parsers:
#   cscli parsers install crowdsecurity/syslog-logs
#
# For HTTP-based attacks, consider installing:
#   cscli collections install crowdsecurity/http-cve
#   cscli scenarios install crowdsecurity/http-probing
#   cscli scenarios install crowdsecurity/http-bad-user-agent

# uHTTPd access logs
# filenames:
#   - /var/log/uhttpd/access.log
# labels:
#   type: syslog
---
# uHTTPd error logs
# filenames:
#   - /var/log/uhttpd/error.log
# labels:
#   type: syslog
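
As shipped, both documents in this file are commented out, so it defines no datasource until a `filenames:` block is uncommented. The following check is an added example, not part of the commit: the function names and the embedded sample input are assumptions constructed for illustration, and it reports which `---`-separated documents of an acquisition file are actually active.

```shell
#!/bin/sh
# Added example, not project code. Reports, per YAML document in a CrowdSec
# acquisition file, whether it lists any uncommented log paths.

# Output, one line per document that contains any text:
#   "<n> active <count>"   document n has <count> uncommented filenames entries
#   "<n> commented-out"    document n has no uncommented filenames entries
# Reads the file given as $1, or stdin when no argument is passed.
acquis_status() {
    awk '
        function emit() {
            if (seen) printf "%d %s\n", doc, (files ? ("active " files) : "commented-out")
        }
        BEGIN { doc = 1 }
        /^---[ \t]*$/ { emit(); doc++; seen = 0; files = 0; inlist = 0; next }
        { seen = 1 }
        /^[ \t]*#/ || /^[ \t]*$/ { next }        # comments and blank lines
        /^filenames:[ \t]*$/ { inlist = 1; next } # top-level key used on this page
        inlist && /^[ \t]*-[ \t]+[^ \t]/ { files++; next }
        { inlist = 0 }                            # any other key ends the list
        END { emit() }
    ' "$@"
}

# Exit status 0 only if at least one document is active.
acquis_has_active() {
    acquis_status "$@" | grep -q ' active '
}

# Constructed sample: the file above with only the access-log document enabled.
sample_acquis() {
    cat <<'EOF'
# uHTTPd access logs
filenames:
  - /var/log/uhttpd/access.log
labels:
  type: syslog
---
# uHTTPd error logs
# filenames:
#   - /var/log/uhttpd/error.log
# labels:
#   type: syslog
EOF
}

sample_acquis | acquis_status
```

Run `acquis_has_active` against the installed acquisition file after editing it; a non-zero exit means every document is still commented out.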