minoplhy/scriptbox
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

crowdsec-notifications : add ASN to notify

Browse Source
This commit is contained in:
minoplhy 2024-03-22 20:34:52 +07:00
parent 0ba128b5f7
commit bc200b5f3b
Signed by: minoplhy
GPG Key ID: 41D406044E2434BF
2 changed files with 3 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
crowdsec-notifications/discord.yaml
View File

@ -14,14 +14,14 @@ format: |
{{if $alert.Source.Cn -}} {{if $alert.Source.Cn -}}
{ {
"title": "{{.Scenario}}", "title": "{{.Scenario}}",
"description": ":flag_{{ $alert.Source.Cn | lower }}: {{$alert.Source.IP}}\n Hostname: {{Hostname}}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})", "description": ":flag_{{ $alert.Source.Cn | lower }}: {{$alert.Source.IP}}\n Hostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})",
"color": "16711680" "color": "16711680"
} }
{{end}} {{end}}
{{if not $alert.Source.Cn -}} {{if not $alert.Source.Cn -}}
{ {
"title": "{{.Scenario}}", "title": "{{.Scenario}}",
"description": ":pirate_flag: {{$alert.Source.IP}}\nHostname: {{Hostname}}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})", "description": ":pirate_flag: {{$alert.Source.IP}}\nHostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})",
"color": "16711680" "color": "16711680"
} }
{{end}} {{end}}

1
crowdsec-notifications/line.yaml
View File

@ -10,6 +10,7 @@ format: |
[ *{{.Scenario}}* ] [ *{{.Scenario}}* ]
{{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}} {{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}}
Hostname: {{Hostname}} Hostname: {{Hostname}}
AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}
Action: {{.Type}} {{.Duration}} Action: {{.Type}} {{.Duration}}
Links: https://app.crowdsec.net/cti/{{$alert.Source.IP}} Links: https://app.crowdsec.net/cti/{{$alert.Source.IP}}
Links: https://www.shodan.io/host/{{$alert.Source.IP}} Links: https://www.shodan.io/host/{{$alert.Source.IP}}