crowdsec-notifications : init
parent
2cfad5cddf
commit
0ba128b5f7
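--- a/crowdsec-notifications/README.md
+++ b/crowdsec-notifications/README.md
@@ -0,0 +1,7 @@
+# Crowdsec Notifications
+Crowdsec Notification for Discord and Line
+
+**Remember to replace placeholder line with your authentication keys!**
+
+![Discord Example](img/Discord_94N3DVisn8.png)
+![Line Example](img/LINE_Q5uZ32zoph.png)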
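--- a/crowdsec-notifications/discord.yaml
+++ b/crowdsec-notifications/discord.yaml
@@ -0,0 +1,38 @@
+type: http
+
+name: discord
+
+log_level: info
+
+format: |
+{
+"content": null,
+"embeds": [
+{{range . -}}
+{{$alert := . -}}
+{{range .Decisions -}}
+{{if $alert.Source.Cn -}}
+{
+"title": "{{.Scenario}}",
+"description": ":flag_{{ $alert.Source.Cn | lower }}: {{$alert.Source.IP}}\n Hostname: {{Hostname}}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})",
+"color": "16711680"
+}
+{{end}}
+{{if not $alert.Source.Cn -}}
+{
+"title": "{{.Scenario}}",
+"description": ":pirate_flag: {{$alert.Source.IP}}\nHostname: {{Hostname}}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})",
+"color": "16711680"
+}
+{{end}}
+{{end -}}
+{{end -}}
+]
+}
+
+url: https://discord.com/api/webhooks/[]/[]
+
+method: POST
+
+headers:
+Content-Type: application/json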
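Review bot: The `embeds` array in `format` emits each `{ … }` object with no comma between iterations of the two `range` loops, so any notification that carries more than one decision renders as invalid JSON and Discord will most likely reject it, dropping the alert. This stays hidden only while alerts are delivered one at a time; the file sets neither `group_wait` nor `group_threshold`, so that presumably holds today, but nothing records the constraint. I would add a comment above `format:` such as `# embeds are not comma-separated: leave group_wait/group_threshold unset, or add a separator first`. The two `{{if}}` branches also differ only in the flag emoji (plus a stray space after the first `\n` in the first `description`), so they could be a single object with the emoji chosen inline.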
BIN
crowdsec-notifications/img/Discord_94N3DVisn8.png
Normal file
BIN
crowdsec-notifications/img/Discord_94N3DVisn8.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 24 KiB |
BIN
crowdsec-notifications/img/LINE_Q5uZ32zoph.png
Normal file
BIN
crowdsec-notifications/img/LINE_Q5uZ32zoph.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 15 KiB |
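--- a/crowdsec-notifications/line.yaml
+++ b/crowdsec-notifications/line.yaml
@@ -0,0 +1,25 @@
+type: http
+
+name: line
+
+log_level: info
+
+format: |
+message=
+{{range . -}}{{$alert := . -}}{{range .Decisions -}}
+[ *{{.Scenario}}* ]
+{{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}}
+Hostname: {{Hostname}}
+Action: {{.Type}} {{.Duration}}
+Links: https://app.crowdsec.net/cti/{{$alert.Source.IP}}
+Links: https://www.shodan.io/host/{{$alert.Source.IP}}
+{{end -}}
+{{end -}}
+
+url: https://notify-api.line.me/api/notify
+
+method: POST
+
+headers:
+Content-Type: application/x-www-form-urlencoded
+Authorization: Bearer <access_token>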
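Review bot: `Authorization: Bearer <access_token>` means the deployed copy of this file holds a live LINE token in plaintext, and the same applies to the webhook URL in discord.yaml, since possession of that URL is all that is needed to post to the channel. The README reminds the reader to fill in the placeholders but says nothing about protecting the result. I would add a comment next to each placeholder, e.g. `# secret: keep this file readable by its owner only (chmod 600) and never commit the real value`. Separately, the body is declared `application/x-www-form-urlencoded` but the `message=` value is not URL-encoded, so a `&`, `+` or `%` in a rendered field would presumably be misread by the receiver.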