Closed fmarier closed 2 years ago
Then I installed the geoip-database
package and was able to restart crowdsec successfully using systemctl restart crowdsec.service
.
was able to restart crowdsec successfully using
systemctl restart crowdsec.service
.
Nevermind that comment. It only worked once and crowdsec.service
will no longer start. It didn't seem to have anything to do with the package being installed or not.
Hello @fmarier,
How did you install crowdsec ? Did you got the package from the official debian repositories or ours ?
Would you mind sharing the output of cscli hub list
?
Thanks,
I installed it from the official Debian repository.
$ cscli hub list
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/apache2 : outdated parsers crowdsecurity/apache2-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/linux : sub collection crowdsecurity/sshd is broken : outdated parsers crowdsecurity/sshd-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/naxsi : outdated parsers crowdsecurity/nginx-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/iptables : outdated parsers crowdsecurity/iptables-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/nginx : outdated parsers crowdsecurity/nginx-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/sshd : outdated parsers crowdsecurity/sshd-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/base-http-scenarios : outdated parsers crowdsecurity/http-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/postfix : outdated parsers crowdsecurity/postfix-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/iptables : outdated parsers crowdsecurity/iptables-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/nginx : outdated parsers crowdsecurity/nginx-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/sshd : outdated parsers crowdsecurity/sshd-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/base-http-scenarios : outdated parsers crowdsecurity/http-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/postfix : outdated parsers crowdsecurity/postfix-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/apache2 : outdated parsers crowdsecurity/apache2-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/linux : sub collection crowdsecurity/sshd is broken : outdated parsers crowdsecurity/sshd-logs
INFO[14-11-2021 06:58:52 PM] dependency issue crowdsecurity/naxsi : outdated parsers crowdsecurity/nginx-logs
INFO[14-11-2021 06:58:52 PM] Loaded 15 collecs, 21 parsers, 24 scenarios, 3 post-overflow parsers
INFO[14-11-2021 06:58:52 PM] unmanaged items : 58 local, 0 tainted
INFO[14-11-2021 06:58:52 PM] PARSERS:
-------------------------------------------------------------------------------------------------------------------------------
NAME π¦ STATUS VERSION LOCAL PATH
-------------------------------------------------------------------------------------------------------------------------------
crowdsecurity/apache2-logs β οΈ enabled,update-available 0.4 /etc/crowdsec/parsers/s01-parse/apache2-logs.yaml
crowdsecurity/cowrie-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/cowrie-logs.yaml
crowdsecurity/naxsi-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s02-enrich/naxsi-logs.yaml
crowdsecurity/whitelists βοΈ enabled 0.1 /etc/crowdsec/parsers/s02-enrich/whitelists.yaml
crowdsecurity/tcpdump-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/tcpdump-logs.yaml
crowdsecurity/geoip-enrich βοΈ enabled 0.2 /etc/crowdsec/parsers/s02-enrich/geoip-enrich.yaml
crowdsecurity/iptables-logs β οΈ enabled,update-available 0.1 /etc/crowdsec/parsers/s01-parse/iptables-logs.yaml
crowdsecurity/nginx-logs β οΈ enabled,update-available 0.2 /etc/crowdsec/parsers/s01-parse/nginx-logs.yaml
crowdsecurity/sshd-logs β οΈ enabled,update-available 0.1 /etc/crowdsec/parsers/s01-parse/sshd-logs.yaml
crowdsecurity/postfix-logs β οΈ enabled,update-available 0.2 /etc/crowdsec/parsers/s01-parse/postfix-logs.yaml
crowdsecurity/syslog-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s00-raw/syslog-logs.yaml
crowdsecurity/dateparse-enrich βοΈ enabled 0.1 /etc/crowdsec/parsers/s02-enrich/dateparse-enrich.yaml
crowdsecurity/dovecot-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/dovecot-logs.yaml
crowdsecurity/modsecurity βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/modsecurity.yaml
crowdsecurity/mysql-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/mysql-logs.yaml
crowdsecurity/http-logs β οΈ enabled,update-available 0.5 /etc/crowdsec/parsers/s02-enrich/http-logs.yaml
crowdsecurity/postscreen-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/postscreen-logs.yaml
crowdsecurity/smb-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/smb-logs.yaml
crowdsecurity/vsftpd-logs βοΈ enabled 0.1 /etc/crowdsec/parsers/s01-parse/vsftpd-logs.yaml
-------------------------------------------------------------------------------------------------------------------------------
INFO[14-11-2021 06:58:52 PM] SCENARIOS:
---------------------------------------------------------------------------------------------------------------------------
NAME π¦ STATUS VERSION LOCAL PATH
---------------------------------------------------------------------------------------------------------------------------
crowdsecurity/dovecot-spam βοΈ enabled 0.1 /etc/crowdsec/scenarios/dovecot-spam.yaml
crowdsecurity/http-sqli-probing βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-sqli-probing.yaml
crowdsecurity/iptables-scan-multi_ports βοΈ enabled 0.1 /etc/crowdsec/scenarios/iptables-scan-multi_ports.yaml
crowdsecurity/ssh-bf βοΈ enabled 0.1 /etc/crowdsec/scenarios/ssh-bf.yaml
crowdsecurity/ban-defcon-drop_range βοΈ enabled 0.2 /etc/crowdsec/scenarios/ban-defcon-drop_range.yaml
crowdsecurity/http-crawl-non_statics βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-crawl-non_statics.yaml
crowdsecurity/http-probing βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-probing.yaml
crowdsecurity/smb-bf βοΈ enabled 0.1 /etc/crowdsec/scenarios/smb-bf.yaml
crowdsecurity/vsftpd-bf βοΈ enabled 0.1 /etc/crowdsec/scenarios/vsftpd-bf.yaml
ltsich/http-w00tw00t βοΈ enabled 0.1 /etc/crowdsec/scenarios/http-w00tw00t.yaml
crowdsecurity/telnet-bf βοΈ enabled 0.1 /etc/crowdsec/scenarios/telnet-bf.yaml
crowdsecurity/http-bf-wordpress_bf βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-bf-wordpress_bf.yaml
crowdsecurity/http-generic-bf βοΈ enabled 0.1 /etc/crowdsec/scenarios/http-generic-bf.yaml
crowdsecurity/http-sensitive-files βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-sensitive-files.yaml
crowdsecurity/modsecurity βοΈ enabled 0.2 /etc/crowdsec/scenarios/modsecurity.yaml
crowdsecurity/mysql-bf βοΈ enabled 0.1 /etc/crowdsec/scenarios/mysql-bf.yaml
crowdsecurity/postfix-spam βοΈ enabled 0.2 /etc/crowdsec/scenarios/postfix-spam.yaml
crowdsecurity/http-backdoors-attempts βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-backdoors-attempts.yaml
crowdsecurity/http-bad-user-agent βοΈ enabled 0.4 /etc/crowdsec/scenarios/http-bad-user-agent.yaml
crowdsecurity/http-path-traversal-probing βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-path-traversal-probing.yaml
crowdsecurity/http-xss-probing βοΈ enabled 0.2 /etc/crowdsec/scenarios/http-xss-probing.yaml
crowdsecurity/naxsi-exploit-vpatch βοΈ enabled 0.1 /etc/crowdsec/scenarios/naxsi-exploit-vpatch.yaml
---------------------------------------------------------------------------------------------------------------------------
INFO[14-11-2021 06:58:52 PM] COLLECTIONS:
----------------------------------------------------------------------------------------------------------------------------------
NAME π¦ STATUS VERSION LOCAL PATH
----------------------------------------------------------------------------------------------------------------------------------
crowdsecurity/apache2 β οΈ enabled,update-available 0.1 /etc/crowdsec/collections/apache2.yaml
crowdsecurity/linux βοΈ enabled 0.2 /etc/crowdsec/collections/linux.yaml
crowdsecurity/naxsi β οΈ enabled,update-available 0.1 /etc/crowdsec/collections/naxsi.yaml
crowdsecurity/whitelist-good-actors βοΈ enabled 0.1 /etc/crowdsec/collections/whitelist-good-actors.yaml
crowdsecurity/wordpress βοΈ enabled 0.1 /etc/crowdsec/collections/wordpress.yaml
crowdsecurity/iptables β οΈ enabled,update-available 0.1 /etc/crowdsec/collections/iptables.yaml
crowdsecurity/modsecurity βοΈ enabled 0.1 /etc/crowdsec/collections/modsecurity.yaml
crowdsecurity/nginx β οΈ enabled,update-available 0.1 /etc/crowdsec/collections/nginx.yaml
crowdsecurity/sshd β οΈ enabled,update-available 0.1 /etc/crowdsec/collections/sshd.yaml
crowdsecurity/base-http-scenarios β οΈ enabled,update-available 0.3 /etc/crowdsec/collections/base-http-scenarios.yaml
crowdsecurity/mysql βοΈ enabled 0.1 /etc/crowdsec/collections/mysql.yaml
crowdsecurity/dovecot βοΈ enabled 0.1 /etc/crowdsec/collections/dovecot.yaml
crowdsecurity/postfix β οΈ enabled,update-available 0.2 /etc/crowdsec/collections/postfix.yaml
crowdsecurity/vsftpd βοΈ enabled 0.1 /etc/crowdsec/collections/vsftpd.yaml
----------------------------------------------------------------------------------------------------------------------------------
INFO[14-11-2021 06:58:52 PM] POSTOVERFLOWS:
---------------------------------------------------------------------------------------------------------------------------
NAME π¦ STATUS VERSION LOCAL PATH
---------------------------------------------------------------------------------------------------------------------------
crowdsecurity/cdn-whitelist βοΈ enabled 0.3 /etc/crowdsec/postoverflows/s01-whitelist/cdn-whitelist.yaml
crowdsecurity/rdns βοΈ enabled 0.2 /etc/crowdsec/postoverflows/s00-enrich/rdns.yaml
crowdsecurity/seo-bots-whitelist βοΈ enabled 0.4 /etc/crowdsec/postoverflows/s01-whitelist/seo-bots-whitelist.yaml
---------------------------------------------------------------------------------------------------------------------------
Can you try cscli hub upgrade --force
?
Please keep us updated on this.
It looks like my version of cscli
doesn't have the --force
option:
$ sudo cscli hub update --force
Error: unknown flag: --force
Usage:
cscli hub update [flags]
Flags:
-h, --help help for update
Global Flags:
-b, --branch string Use given branch from hub
-c, --config string path to crowdsec config file (default "/etc/crowdsec/config.yaml")
--debug Set logging to debug.
--error Set logging to error.
--info Set logging to info.
-o, --output string Output format : human, json, raw.
--trace Set logging to trace.
--warning Set logging to warning.
FATA[0000] While executing root command : unknown flag: --force
Hi,
The force option in on upgrade command (not on update).
Update is for updating the parsers/scenarios/collections index, and upgrade is for actually upgrading them.
Ah, sorry I got that wrong. Here's the correct command:
$ sudo cscli hub upgrade --force
[sudo] Mot de passe de rootΒ :
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/naxsi : outdated parsers crowdsecurity/nginx-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/base-http-scenarios : outdated parsers crowdsecurity/http-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/nginx : outdated parsers crowdsecurity/nginx-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/iptables : outdated parsers crowdsecurity/iptables-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/linux : sub collection crowdsecurity/sshd is broken : outdated parsers crowdsecurity/sshd-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/postfix : outdated parsers crowdsecurity/postfix-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/apache2 : outdated parsers crowdsecurity/apache2-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/sshd : outdated parsers crowdsecurity/sshd-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/sshd : outdated parsers crowdsecurity/sshd-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/base-http-scenarios : outdated parsers crowdsecurity/http-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/naxsi : outdated parsers crowdsecurity/nginx-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/iptables : outdated parsers crowdsecurity/iptables-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/nginx : outdated parsers crowdsecurity/nginx-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/apache2 : outdated parsers crowdsecurity/apache2-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/linux : sub collection crowdsecurity/sshd is broken : outdated parsers crowdsecurity/sshd-logs
INFO[23-11-2021 04:26:38 AM] dependency issue crowdsecurity/postfix : outdated parsers crowdsecurity/postfix-logs
INFO[23-11-2021 04:26:38 AM] Upgrading collections
WARN[23-11-2021 04:26:39 AM] crowdsecurity/postfix-logs : overwrite
WARN[23-11-2021 04:26:39 AM] crowdsecurity/postscreen-logs : overwrite
WARN[23-11-2021 04:26:39 AM] crowdsecurity/postfix-spam : overwrite
WARN[23-11-2021 04:26:39 AM] crowdsecurity/postfix : overwrite
INFO[23-11-2021 04:26:39 AM] π¦ crowdsecurity/postfix : updated
INFO[23-11-2021 04:26:39 AM] crowdsecurity/wordpress : up-to-date
WARN[23-11-2021 04:26:39 AM] crowdsecurity/http-bf-wordpress_bf : overwrite
WARN[23-11-2021 04:26:39 AM] crowdsecurity/wordpress : overwrite
INFO[23-11-2021 04:26:39 AM] π¦ crowdsecurity/wordpress : updated
WARN[23-11-2021 04:26:39 AM] crowdsecurity/apache2-logs : overwrite
WARN[23-11-2021 04:26:39 AM] crowdsecurity/http-logs : overwrite
WARN[23-11-2021 04:26:40 AM] crowdsecurity/http-crawl-non_statics : overwrite
WARN[23-11-2021 04:26:40 AM] crowdsecurity/http-probing : overwrite
WARN[23-11-2021 04:26:40 AM] crowdsecurity/http-bad-user-agent : overwrite
INFO[23-11-2021 04:26:40 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/bad_user_agents.txt' in '/var/lib/crowdsec/data/bad_user_agents.txt'
WARN[23-11-2021 04:26:40 AM] crowdsecurity/http-path-traversal-probing : overwrite
INFO[23-11-2021 04:26:40 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/path_traversal.txt' in '/var/lib/crowdsec/data/http_path_traversal.txt'
WARN[23-11-2021 04:26:40 AM] crowdsecurity/http-sensitive-files : overwrite
INFO[23-11-2021 04:26:40 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sensitive_data.txt' in '/var/lib/crowdsec/data/sensitive_data.txt'
WARN[23-11-2021 04:26:40 AM] crowdsecurity/http-sqli-probing : overwrite
INFO[23-11-2021 04:26:40 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sqli_probe_patterns.txt' in '/var/lib/crowdsec/data/sqli_probe_patterns.txt'
WARN[23-11-2021 04:26:41 AM] crowdsecurity/http-xss-probing : overwrite
INFO[23-11-2021 04:26:41 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/xss_probe_patterns.txt' in '/var/lib/crowdsec/data/xss_probe_patterns.txt'
WARN[23-11-2021 04:26:41 AM] crowdsecurity/http-backdoors-attempts : overwrite
INFO[23-11-2021 04:26:41 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/backdoors.txt' in '/var/lib/crowdsec/data/backdoors.txt'
WARN[23-11-2021 04:26:41 AM] ltsich/http-w00tw00t : overwrite
WARN[23-11-2021 04:26:41 AM] crowdsecurity/http-generic-bf : overwrite
WARN[23-11-2021 04:26:41 AM] crowdsecurity/base-http-scenarios : overwrite
WARN[23-11-2021 04:26:41 AM] crowdsecurity/base-http-scenarios : overwrite
WARN[23-11-2021 04:26:41 AM] crowdsecurity/apache2 : overwrite
INFO[23-11-2021 04:26:41 AM] π¦ crowdsecurity/apache2 : updated
INFO[23-11-2021 04:26:41 AM] crowdsecurity/dovecot : up-to-date
WARN[23-11-2021 04:26:41 AM] crowdsecurity/dovecot-logs : overwrite
WARN[23-11-2021 04:26:42 AM] crowdsecurity/dovecot-spam : overwrite
WARN[23-11-2021 04:26:42 AM] crowdsecurity/dovecot : overwrite
INFO[23-11-2021 04:26:42 AM] π¦ crowdsecurity/dovecot : updated
INFO[23-11-2021 04:26:42 AM] crowdsecurity/linux : up-to-date
WARN[23-11-2021 04:26:42 AM] crowdsecurity/syslog-logs : overwrite
WARN[23-11-2021 04:26:42 AM] crowdsecurity/geoip-enrich : overwrite
INFO[23-11-2021 04:26:42 AM] downloading data 'https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/GeoLite2-City.mmdb' in '/var/lib/crowdsec/data/GeoLite2-City.mmdb'
INFO[23-11-2021 04:26:47 AM] downloading data 'https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/GeoLite2-ASN.mmdb' in '/var/lib/crowdsec/data/GeoLite2-ASN.mmdb'
WARN[23-11-2021 04:26:47 AM] crowdsecurity/dateparse-enrich : overwrite
WARN[23-11-2021 04:26:47 AM] crowdsecurity/sshd-logs : overwrite
WARN[23-11-2021 04:26:47 AM] crowdsecurity/ssh-bf : overwrite
WARN[23-11-2021 04:26:47 AM] crowdsecurity/sshd : overwrite
WARN[23-11-2021 04:26:47 AM] crowdsecurity/sshd : overwrite
WARN[23-11-2021 04:26:47 AM] crowdsecurity/linux : overwrite
INFO[23-11-2021 04:26:47 AM] π¦ crowdsecurity/linux : updated
INFO[23-11-2021 04:26:47 AM] crowdsecurity/mysql : up-to-date
WARN[23-11-2021 04:26:48 AM] crowdsecurity/mysql-logs : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/mysql-bf : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/mysql : overwrite
INFO[23-11-2021 04:26:48 AM] π¦ crowdsecurity/mysql : updated
INFO[23-11-2021 04:26:48 AM] crowdsecurity/sshd : up-to-date
WARN[23-11-2021 04:26:48 AM] crowdsecurity/sshd-logs : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/ssh-bf : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/sshd : overwrite
INFO[23-11-2021 04:26:48 AM] π¦ crowdsecurity/sshd : updated
WARN[23-11-2021 04:26:48 AM] firewallservices/zimbra : not downloaded, please install.
INFO[23-11-2021 04:26:48 AM] firewallservices/zimbra-logs : OK
INFO[23-11-2021 04:26:48 AM] Enabled parsers : firewallservices/zimbra-logs
INFO[23-11-2021 04:26:48 AM] firewallservices/zimbra-bf : OK
INFO[23-11-2021 04:26:48 AM] Enabled scenarios : firewallservices/zimbra-bf
INFO[23-11-2021 04:26:48 AM] firewallservices/zimbra : OK
INFO[23-11-2021 04:26:48 AM] π¦ firewallservices/zimbra : updated
INFO[23-11-2021 04:26:48 AM] crowdsecurity/base-http-scenarios : up-to-date
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-logs : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-crawl-non_statics : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-probing : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-bad-user-agent : overwrite
INFO[23-11-2021 04:26:48 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/bad_user_agents.txt' in '/var/lib/crowdsec/data/bad_user_agents.txt'
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-path-traversal-probing : overwrite
INFO[23-11-2021 04:26:48 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/path_traversal.txt' in '/var/lib/crowdsec/data/http_path_traversal.txt'
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-sensitive-files : overwrite
INFO[23-11-2021 04:26:48 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sensitive_data.txt' in '/var/lib/crowdsec/data/sensitive_data.txt'
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-sqli-probing : overwrite
INFO[23-11-2021 04:26:48 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sqli_probe_patterns.txt' in '/var/lib/crowdsec/data/sqli_probe_patterns.txt'
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-xss-probing : overwrite
INFO[23-11-2021 04:26:48 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/xss_probe_patterns.txt' in '/var/lib/crowdsec/data/xss_probe_patterns.txt'
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-backdoors-attempts : overwrite
INFO[23-11-2021 04:26:48 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/backdoors.txt' in '/var/lib/crowdsec/data/backdoors.txt'
WARN[23-11-2021 04:26:48 AM] ltsich/http-w00tw00t : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/http-generic-bf : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/base-http-scenarios : overwrite
INFO[23-11-2021 04:26:48 AM] π¦ crowdsecurity/base-http-scenarios : updated
WARN[23-11-2021 04:26:48 AM] crowdsecurity/nginx-logs : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/naxsi-logs : overwrite
WARN[23-11-2021 04:26:48 AM] crowdsecurity/naxsi-exploit-vpatch : overwrite
WARN[23-11-2021 04:26:49 AM] crowdsecurity/naxsi : overwrite
INFO[23-11-2021 04:26:49 AM] π¦ crowdsecurity/naxsi : updated
INFO[23-11-2021 04:26:49 AM] crowdsecurity/whitelist-good-actors : up-to-date
WARN[23-11-2021 04:26:49 AM] crowdsecurity/seo-bots-whitelist : overwrite
INFO[23-11-2021 04:26:49 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/whitelists/benign_bots/search_engine_crawlers/rdns_seo_bots.txt' in '/var/lib/crowdsec/data/rdns_seo_bots.txt'
INFO[23-11-2021 04:26:49 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/whitelists/benign_bots/search_engine_crawlers/rnds_seo_bots.regex' in '/var/lib/crowdsec/data/rdns_seo_bots.regex'
INFO[23-11-2021 04:26:49 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/whitelists/benign_bots/search_engine_crawlers/ip_seo_bots.txt' in '/var/lib/crowdsec/data/ip_seo_bots.txt'
WARN[23-11-2021 04:26:49 AM] crowdsecurity/cdn-whitelist : overwrite
INFO[23-11-2021 04:26:49 AM] downloading data 'https://www.cloudflare.com/ips-v4' in '/var/lib/crowdsec/data/cloudflare_ips.txt'
WARN[23-11-2021 04:26:49 AM] crowdsecurity/rdns : overwrite
WARN[23-11-2021 04:26:49 AM] crowdsecurity/whitelist-good-actors : overwrite
INFO[23-11-2021 04:26:49 AM] π¦ crowdsecurity/whitelist-good-actors : updated
WARN[23-11-2021 04:26:50 AM] crowdsecurity/iptables-logs : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/iptables-scan-multi_ports : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/iptables : overwrite
INFO[23-11-2021 04:26:50 AM] π¦ crowdsecurity/iptables : updated
INFO[23-11-2021 04:26:50 AM] crowdsecurity/modsecurity : up-to-date
WARN[23-11-2021 04:26:50 AM] crowdsecurity/modsecurity : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/modsecurity : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/modsecurity : overwrite
INFO[23-11-2021 04:26:50 AM] π¦ crowdsecurity/modsecurity : updated
WARN[23-11-2021 04:26:50 AM] crowdsecurity/nginx-logs : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-logs : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-crawl-non_statics : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-probing : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-bad-user-agent : overwrite
INFO[23-11-2021 04:26:50 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/bad_user_agents.txt' in '/var/lib/crowdsec/data/bad_user_agents.txt'
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-path-traversal-probing : overwrite
INFO[23-11-2021 04:26:50 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/path_traversal.txt' in '/var/lib/crowdsec/data/http_path_traversal.txt'
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-sensitive-files : overwrite
INFO[23-11-2021 04:26:50 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sensitive_data.txt' in '/var/lib/crowdsec/data/sensitive_data.txt'
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-sqli-probing : overwrite
INFO[23-11-2021 04:26:50 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sqli_probe_patterns.txt' in '/var/lib/crowdsec/data/sqli_probe_patterns.txt'
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-xss-probing : overwrite
INFO[23-11-2021 04:26:50 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/xss_probe_patterns.txt' in '/var/lib/crowdsec/data/xss_probe_patterns.txt'
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-backdoors-attempts : overwrite
INFO[23-11-2021 04:26:50 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/backdoors.txt' in '/var/lib/crowdsec/data/backdoors.txt'
WARN[23-11-2021 04:26:50 AM] ltsich/http-w00tw00t : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/http-generic-bf : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/base-http-scenarios : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/base-http-scenarios : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/nginx : overwrite
INFO[23-11-2021 04:26:50 AM] π¦ crowdsecurity/nginx : updated
INFO[23-11-2021 04:26:50 AM] crowdsecurity/vsftpd : up-to-date
WARN[23-11-2021 04:26:50 AM] crowdsecurity/vsftpd-logs : overwrite
WARN[23-11-2021 04:26:50 AM] crowdsecurity/vsftpd-bf : overwrite
WARN[23-11-2021 04:26:51 AM] crowdsecurity/vsftpd : overwrite
INFO[23-11-2021 04:26:51 AM] π¦ crowdsecurity/vsftpd : updated
INFO[23-11-2021 04:26:51 AM] Upgraded 15 items
INFO[23-11-2021 04:26:51 AM] Upgrading parsers
INFO[23-11-2021 04:26:51 AM] crowdsecurity/tcpdump-logs : up-to-date
WARN[23-11-2021 04:26:51 AM] crowdsecurity/tcpdump-logs : overwrite
INFO[23-11-2021 04:26:51 AM] π¦ crowdsecurity/tcpdump-logs : updated
INFO[23-11-2021 04:26:51 AM] crowdsecurity/vsftpd-logs : up-to-date
WARN[23-11-2021 04:26:51 AM] crowdsecurity/vsftpd-logs : overwrite
INFO[23-11-2021 04:26:51 AM] π¦ crowdsecurity/vsftpd-logs : updated
WARN[23-11-2021 04:26:51 AM] firewallservices/lemonldap-ng : not downloaded, please install.
INFO[23-11-2021 04:26:51 AM] firewallservices/lemonldap-ng : OK
INFO[23-11-2021 04:26:51 AM] π¦ firewallservices/lemonldap-ng : updated
INFO[23-11-2021 04:26:51 AM] crowdsecurity/geoip-enrich : up-to-date
WARN[23-11-2021 04:26:51 AM] crowdsecurity/geoip-enrich : overwrite
INFO[23-11-2021 04:26:51 AM] downloading data 'https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/GeoLite2-City.mmdb' in '/var/lib/crowdsec/data/GeoLite2-City.mmdb'
INFO[23-11-2021 04:26:53 AM] downloading data 'https://crowdsec-statics-assets.s3-eu-west-1.amazonaws.com/GeoLite2-ASN.mmdb' in '/var/lib/crowdsec/data/GeoLite2-ASN.mmdb'
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/geoip-enrich : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/http-logs : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/http-logs : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/http-logs : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/iptables-logs : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/iptables-logs : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/iptables-logs : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/postfix-logs : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/postfix-logs : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/postfix-logs : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/cowrie-logs : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/cowrie-logs : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/cowrie-logs : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/dateparse-enrich : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/dateparse-enrich : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/dateparse-enrich : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/modsecurity : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/modsecurity : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/modsecurity : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/sshd-logs : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/sshd-logs : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/sshd-logs : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/syslog-logs : up-to-date
WARN[23-11-2021 04:26:53 AM] crowdsecurity/syslog-logs : overwrite
INFO[23-11-2021 04:26:53 AM] π¦ crowdsecurity/syslog-logs : updated
INFO[23-11-2021 04:26:53 AM] crowdsecurity/whitelists : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/whitelists : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/whitelists : updated
INFO[23-11-2021 04:26:54 AM] firewallservices/zimbra-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] firewallservices/zimbra-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ firewallservices/zimbra-logs : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/apache2-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/apache2-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/apache2-logs : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/naxsi-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/naxsi-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/naxsi-logs : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/nginx-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/nginx-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/nginx-logs : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/smb-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/smb-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/smb-logs : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/dovecot-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/dovecot-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/dovecot-logs : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/mysql-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/mysql-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/mysql-logs : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/postscreen-logs : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/postscreen-logs : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/postscreen-logs : updated
INFO[23-11-2021 04:26:54 AM] Upgraded 21 items
INFO[23-11-2021 04:26:54 AM] Upgrading scenarios
INFO[23-11-2021 04:26:54 AM] crowdsecurity/dovecot-spam : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/dovecot-spam : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/dovecot-spam : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-probing : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-probing : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-probing : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-sensitive-files : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-sensitive-files : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sensitive_data.txt' in '/var/lib/crowdsec/data/sensitive_data.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-sensitive-files : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/naxsi-exploit-vpatch : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/naxsi-exploit-vpatch : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/naxsi-exploit-vpatch : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/telnet-bf : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/telnet-bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/telnet-bf : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-xss-probing : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-xss-probing : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/xss_probe_patterns.txt' in '/var/lib/crowdsec/data/xss_probe_patterns.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-xss-probing : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/modsecurity : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/modsecurity : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/modsecurity : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/mysql-bf : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/mysql-bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/mysql-bf : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/ssh-bf : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/ssh-bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/ssh-bf : updated
INFO[23-11-2021 04:26:54 AM] ltsich/http-w00tw00t : up-to-date
WARN[23-11-2021 04:26:54 AM] ltsich/http-w00tw00t : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ ltsich/http-w00tw00t : updated
INFO[23-11-2021 04:26:54 AM] firewallservices/zimbra-bf : up-to-date
WARN[23-11-2021 04:26:54 AM] firewallservices/zimbra-bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ firewallservices/zimbra-bf : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-backdoors-attempts : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-backdoors-attempts : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/backdoors.txt' in '/var/lib/crowdsec/data/backdoors.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-backdoors-attempts : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-bad-user-agent : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-bad-user-agent : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/bad_user_agents.txt' in '/var/lib/crowdsec/data/bad_user_agents.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-bad-user-agent : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-bf-wordpress_bf : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-bf-wordpress_bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-bf-wordpress_bf : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-sqli-probing : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-sqli-probing : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/sqli_probe_patterns.txt' in '/var/lib/crowdsec/data/sqli_probe_patterns.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-sqli-probing : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/postfix-spam : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/postfix-spam : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/postfix-spam : updated
WARN[23-11-2021 04:26:54 AM] firewallservices/lemonldap-ng-bf : not downloaded, please install.
INFO[23-11-2021 04:26:54 AM] firewallservices/lemonldap-ng-bf : OK
INFO[23-11-2021 04:26:54 AM] π¦ firewallservices/lemonldap-ng-bf : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/vsftpd-bf : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/vsftpd-bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/vsftpd-bf : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/ban-defcon-drop_range : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/ban-defcon-drop_range : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/ban-defcon-drop_range : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-crawl-non_statics : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-crawl-non_statics : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-crawl-non_statics : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-generic-bf : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-generic-bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-generic-bf : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/http-path-traversal-probing : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/http-path-traversal-probing : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/web/path_traversal.txt' in '/var/lib/crowdsec/data/http_path_traversal.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/http-path-traversal-probing : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/iptables-scan-multi_ports : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/iptables-scan-multi_ports : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/iptables-scan-multi_ports : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/smb-bf : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/smb-bf : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/smb-bf : updated
INFO[23-11-2021 04:26:54 AM] Upgraded 24 items
INFO[23-11-2021 04:26:54 AM] Upgrading postoverflows
INFO[23-11-2021 04:26:54 AM] crowdsecurity/cdn-whitelist : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/cdn-whitelist : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://www.cloudflare.com/ips-v4' in '/var/lib/crowdsec/data/cloudflare_ips.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/cdn-whitelist : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/rdns : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/rdns : overwrite
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/rdns : updated
INFO[23-11-2021 04:26:54 AM] crowdsecurity/seo-bots-whitelist : up-to-date
WARN[23-11-2021 04:26:54 AM] crowdsecurity/seo-bots-whitelist : overwrite
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/whitelists/benign_bots/search_engine_crawlers/rdns_seo_bots.txt' in '/var/lib/crowdsec/data/rdns_seo_bots.txt'
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/whitelists/benign_bots/search_engine_crawlers/rnds_seo_bots.regex' in '/var/lib/crowdsec/data/rdns_seo_bots.regex'
INFO[23-11-2021 04:26:54 AM] downloading data 'https://raw.githubusercontent.com/crowdsecurity/sec-lists/master/whitelists/benign_bots/search_engine_crawlers/ip_seo_bots.txt' in '/var/lib/crowdsec/data/ip_seo_bots.txt'
INFO[23-11-2021 04:26:54 AM] π¦ crowdsecurity/seo-bots-whitelist : updated
INFO[23-11-2021 04:26:54 AM] Upgraded 3 items
I believe this fixed your issue. i'll close it in a few days, except if you want to add something to this.
Thank you for reaching us.
Describe the bug I see the following in my logs when I run
systemctl start crowdsec.service
on Debian bullseye:Technical Information (please complete the following information):
Additional context