diff --git a/crowdsec-notifications/README.md b/crowdsec-notifications/README.md index 3e4ba05..8dfc389 100644 --- a/crowdsec-notifications/README.md +++ b/crowdsec-notifications/README.md @@ -3,5 +3,5 @@ Crowdsec Notification for Discord and Line **Remember to replace placeholder line with your authentication keys!** -![Discord Example](img/Discord_94N3DVisn8.png) -![Line Example](img/LINE_Q5uZ32zoph.png) \ No newline at end of file +![Discord Example](img/Discord.png) +![Line Example](img/Line.png) \ No newline at end of file diff --git a/crowdsec-notifications/discord.yaml b/crowdsec-notifications/discord.yaml index e0f82de..6aa86e3 100644 --- a/crowdsec-notifications/discord.yaml +++ b/crowdsec-notifications/discord.yaml 
@@ -11,20 +11,11 @@ format: | {{range . -}} {{$alert := . -}} {{range .Decisions -}} - {{if $alert.Source.Cn -}} { "title": "{{.Scenario}}", - "description": ":flag_{{ $alert.Source.Cn | lower }}: {{$alert.Source.IP}}\n Hostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})", + "description": "{{if $alert.Source.Cn -}}:flag_{{ $alert.Source.Cn | lower }}:{{end}}{{if not $alert.Source.Cn -}}:pirate_flag:{{end}} {{$alert.Source.IP}}\nCount : {{ $alert.EventsCount }}\n{{if $alert.Source.AsNumber -}}AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}{{else}}AS: N/A{{end}}\nAction: {{.Type}} {{.Duration}} on {{ Hostname }}\nStart: {{ $alert.StartAt }}\nStop: {{ $alert.StopAt }}", "color": "16711680" } - {{end}} - {{if not $alert.Source.Cn -}} - { - "title": "{{.Scenario}}", - "description": ":pirate_flag: {{$alert.Source.IP}}\nHostname: {{Hostname}}\nAS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}\nAction: {{.Type}} {{.Duration}}\nLinks: [CTI](https://app.crowdsec.net/cti/{{$alert.Source.IP}}) | [Shodan](https://www.shodan.io/host/{{$alert.Source.IP}})", - "color": "16711680" - } - {{end}} {{end -}} {{end -}} ] diff --git a/crowdsec-notifications/img/Discord.png b/crowdsec-notifications/img/Discord.png new file mode 100644 index 0000000..d5fb3c9 Binary files /dev/null and b/crowdsec-notifications/img/Discord.png differ diff --git a/crowdsec-notifications/img/Discord_94N3DVisn8.png b/crowdsec-notifications/img/Discord_94N3DVisn8.png deleted file mode 100644 index a93076d..0000000 Binary files a/crowdsec-notifications/img/Discord_94N3DVisn8.png and /dev/null differ 
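Review bot: The rewritten `"description"` line places `$alert.Source.AsName`, `$alert.Source.IP` and `Hostname` directly inside a JSON string literal with no escaping. If any of them contains `"` or `\`, the payload becomes malformed, the webhook will probably reject it, and the alert is lost. AS names come from enrichment data rather than from this config, so they should not be assumed JSON-safe. Since `lower` is already used here, sprig's `toJson` is probably available too; one option is to build the description with `printf` and pipe it through `toJson`. As a style point, the flag selection can use the `{{else}}` form this commit already uses for the AS number: `{{if $alert.Source.Cn -}}:flag_{{ $alert.Source.Cn | lower }}:{{else}}:pirate_flag:{{end}}`. The `format` template starts and ends outside this hunk, so how several embeds in one payload are separated cannot be checked from here.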
diff --git a/crowdsec-notifications/img/LINE_Q5uZ32zoph.png b/crowdsec-notifications/img/LINE_Q5uZ32zoph.png deleted file mode 100644 index 771591a..0000000 Binary files a/crowdsec-notifications/img/LINE_Q5uZ32zoph.png and /dev/null differ diff --git a/crowdsec-notifications/img/line.png b/crowdsec-notifications/img/line.png new file mode 100644 index 0000000..eff530a Binary files /dev/null and b/crowdsec-notifications/img/line.png differ diff --git a/crowdsec-notifications/line.yaml b/crowdsec-notifications/line.yaml index c698d2a..a044c21 100644 --- a/crowdsec-notifications/line.yaml +++ b/crowdsec-notifications/line.yaml @@ -9,13 +9,13 @@ format: | {{range . -}}{{$alert := . -}}{{range .Decisions -}} [ *{{.Scenario}}* ] {{if $alert.Source.Cn -}}{{ $alert.Source.Cn }}{{end}}{{if not $alert.Source.Cn -}}N/A{{end}} {{$alert.Source.IP}} - Hostname: {{Hostname}} - AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }} - Action: {{.Type}} {{.Duration}} - Links: https://app.crowdsec.net/cti/{{$alert.Source.IP}} - Links: https://www.shodan.io/host/{{$alert.Source.IP}} - {{end -}} - {{end -}} + {{if $alert.Source.AsNumber -}}AS{{ $alert.Source.AsNumber }}: {{ $alert.Source.AsName }}{{else}}AS: N/A{{end}} + Action: {{.Type}} {{.Duration}} on {{ Hostname }} + Count : {{ $alert.EventsCount }} + Start: + {{ $alert.StartAt }} + Stop: + {{ $alert.StopAt }}{{end -}}{{end -}} url: https://notify-api.line.me/api/notify
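Review bot: On the new last template line, `{{ $alert.StopAt }}{{end -}}{{end -}}` closes both ranges directly after the stop timestamp, so nothing separates one decision's text from the next. `{{range .Decisions -}}` trims the whitespace at the start of the loop body, so a second decision's `[ *{{.Scenario}}* ]` header would be glued to the previous `StopAt` value. The removed version kept each `{{end -}}` on its own line, which left a newline between records. Moving `{{end -}}{{end -}}` to the line after `{{ $alert.StopAt }}` restores the separator and keeps multi-decision notifications readable. The start of the `format` block is outside this hunk, so the body encoding used for the LINE request could not be checked.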