crowdsec-notifications : fix formatting
This commit is contained in:
parent
bc200b5f3b
commit
248b4dab9e
@ -3,5 +3,5 @@ Crowdsec Notification for Discord and Line
|
|||||||
|
|
||||||
**Remember to replace placeholder line with your authentication keys!**
|
**Remember to replace placeholder line with your authentication keys!**
|
||||||
|
|
||||||
![Discord Example](img/Discord_94N3DVisn8.png)
|
![Discord Example](img/Discord.png)
|
||||||
![Line Example](img/LINE_Q5uZ32zoph.png)
|
![Line Example](img/Line.png)
|
@ -11,20 +11,11 @@ format: |
|
|||||||
{{range . -}}
|
{{range . -}}
|
||||||
{{$alert := . -}}
|
{{$alert := . -}}
|
||||||
{{range .Decisions -}}
|
{{range .Decisions -}}
|
||||||
{{if $alert.Source.Cn -}}
|
|
||||||
{
|
{
|
||||||
"title": "{{.Scenario}}",
|
"title": "{{.Scenario}}",
|
||||||
"description": ":flag_{{ $alert.Source.Cn | lower }}: {{$alert.Source.IP}}\n Hostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})",
|
"description": "{{if $alert.Source.Cn -}}:flag_{{ $alert.Source.Cn | lower }}:{{end}}{{if not $alert.Source.Cn -}}:pirate_flag:{{end}} {{$alert.Source.IP}}\nCount : {{ $alert.EventsCount }}\n{{if $alert.Source.AsNumber -}}AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}{{else}}AS: N/A{{end}}\nAction: {{.Type}} {{.Duration}} on {{ Hostname }}\nStart: {{ $alert.StartAt }}\nStop: {{ $alert.StopAt }}",
|
||||||
"color": "16711680"
|
"color": "16711680"
|
||||||
}
|
}
|
||||||
{{end}}
|
|
||||||
{{if not $alert.Source.Cn -}}
|
|
||||||
{
|
|
||||||
"title": "{{.Scenario}}",
|
|
||||||
"description": ":pirate_flag: {{$alert.Source.IP}}\nHostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})",
|
|
||||||
"color": "16711680"
|
|
||||||
}
|
|
||||||
{{end}}
|
|
||||||
{{end -}}
|
{{end -}}
|
||||||
{{end -}}
|
{{end -}}
|
||||||
]
|
]
|
||||||
|
BIN
crowdsec-notifications/img/Discord.png
Normal file
BIN
crowdsec-notifications/img/Discord.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 31 KiB |
Binary file not shown.
Before Width: | Height: | Size: 24 KiB |
Binary file not shown.
Before Width: | Height: | Size: 15 KiB |
BIN
crowdsec-notifications/img/line.png
Normal file
BIN
crowdsec-notifications/img/line.png
Normal file
Binary file not shown.
After Width: | Height: | Size: 45 KiB |
@ -9,13 +9,13 @@ format: |
|
|||||||
{{range . -}}{{$alert := . -}}{{range .Decisions -}}
|
{{range . -}}{{$alert := . -}}{{range .Decisions -}}
|
||||||
[ *{{.Scenario}}* ]
|
[ *{{.Scenario}}* ]
|
||||||
{{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}}
|
{{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}}
|
||||||
Hostname: {{Hostname}}
|
{{if $alert.Source.AsNumber -}}AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}{{else}}AS: N/A{{end}}
|
||||||
AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}
|
Action: {{.Type}} {{.Duration}} on {{ Hostname }}
|
||||||
Action: {{.Type}} {{.Duration}}
|
Count : {{ $alert.EventsCount }}
|
||||||
Links: https://app.crowdsec.net/cti/{{$alert.Source.IP}}
|
Start:
|
||||||
Links: https://www.shodan.io/host/{{$alert.Source.IP}}
|
{{ $alert.StartAt }}
|
||||||
{{end -}}
|
Stop:
|
||||||
{{end -}}
|
{{ $alert.StopAt }}{{end -}}{{end -}}
|
||||||
|
|
||||||
url: https://notify-api.line.me/api/notify
|
url: https://notify-api.line.me/api/notify
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user