minoplhy/scriptbox
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crowdsec-notifications : fix formatting

Browse Source
This commit is contained in:
minoplhy 2024-03-23 15:26:18 +07:00
parent bc200b5f3b
commit 248b4dab9e
Signed by: minoplhy
GPG Key ID: 41D406044E2434BF
7 changed files with 10 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
crowdsec-notifications/README.md
View File

@ -3,5 +3,5 @@ Crowdsec Notification for Discord and Line
**Remember to replace placeholder line with your authentication keys!** **Remember to replace placeholder line with your authentication keys!**
![Discord Example](img/Discord_94N3DVisn8.png) ![Discord Example](img/Discord.png)
![Line Example](img/LINE_Q5uZ32zoph.png) ![Line Example](img/Line.png)

11
crowdsec-notifications/discord.yaml
View File

@ -11,20 +11,11 @@ format: |
{{range . -}} {{range . -}}
{{$alert := . -}} {{$alert := . -}}
{{range .Decisions -}} {{range .Decisions -}}
{{if $alert.Source.Cn -}}
{ {
"title": "{{.Scenario}}", "title": "{{.Scenario}}",
"description": ":flag_{{ $alert.Source.Cn | lower }}: {{$alert.Source.IP}}\n Hostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})", "description": "{{if $alert.Source.Cn -}}:flag_{{ $alert.Source.Cn | lower }}:{{end}}{{if not $alert.Source.Cn -}}:pirate_flag:{{end}} {{$alert.Source.IP}}\nCount : {{ $alert.EventsCount }}\n{{if $alert.Source.AsNumber -}}AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}{{else}}AS: N/A{{end}}\nAction: {{.Type}} {{.Duration}} on {{ Hostname }}\nStart: {{ $alert.StartAt }}\nStop: {{ $alert.StopAt }}",
"color": "16711680" "color": "16711680"
} }
{{end}}
{{if not $alert.Source.Cn -}}
{
"title": "{{.Scenario}}",
"description": ":pirate_flag: {{$alert.Source.IP}}\nHostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})",
"color": "16711680"
}
{{end}}
{{end -}} {{end -}}
{{end -}} {{end -}}
] ]

BIN
crowdsec-notifications/img/Discord.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 31 KiB

BIN
crowdsec-notifications/img/Discord_94N3DVisn8.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 24 KiB

BIN
crowdsec-notifications/img/LINE_Q5uZ32zoph.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 15 KiB

BIN
crowdsec-notifications/img/line.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 45 KiB

14
crowdsec-notifications/line.yaml
View File

@ -9,13 +9,13 @@ format: |
{{range . -}}{{$alert := . -}}{{range .Decisions -}} {{range . -}}{{$alert := . -}}{{range .Decisions -}}
[ *{{.Scenario}}* ] [ *{{.Scenario}}* ]
{{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}} {{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}}
Hostname: {{Hostname}} {{if $alert.Source.AsNumber -}}AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}{{else}}AS: N/A{{end}}
AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }} Action: {{.Type}} {{.Duration}} on {{ Hostname }}
Action: {{.Type}} {{.Duration}} Count : {{ $alert.EventsCount }}
Links: https://app.crowdsec.net/cti/{{$alert.Source.IP}} Start:
Links: https://www.shodan.io/host/{{$alert.Source.IP}} {{ $alert.StartAt }}
{{end -}} Stop:
{{end -}} {{ $alert.StopAt }}{{end -}}{{end -}}
url: https://notify-api.line.me/api/notify url: https://notify-api.line.me/api/notify