Trez.One
cbdc8f35a5
Gitea Branch PR & Ansible Deployment / Check and Create PR (push) Successful in 8m53s
Gitea Branch PR & Ansible Deployment / Docker Compose & Ansible Lints (push) Failing after 12m35s
Gitea Branch PR & Ansible Deployment / PR Merge (push) Successful in 31s
Gitea Branch PR & Ansible Deployment / Ansible Config Deployment (push) Failing after 19m9s
17 lines
813 B
Django/Jinja
17 lines
813 B
Django/Jinja
{% set vault_addr = 'https://vault.trez.wtf' %}
|
|
{% set secrets_path = 'rinoa-docker/env' %}
|
|
|
|
name: default_ip_remediation
|
|
#debug: true
|
|
filters:
|
|
- Alert.Remediation == true && Alert.GetScope() == "Ip"
|
|
decisions:
|
|
- type: ban
|
|
duration: 4h
|
|
#duration_expr: Sprintf('%dh', (GetDecisionsCount(Alert.GetValue()) + 1) * 4)
|
|
# notifications:
|
|
# - slack_default # Set the webhook in /etc/crowdsec/notifications/slack.yaml before enabling this.
|
|
# - splunk_default # Set the splunk url and token in /etc/crowdsec/notifications/splunk.yaml before enabling this.
|
|
# - http_default # Set the required http parameters in /etc/crowdsec/notifications/http.yaml before enabling this.
|
|
# - email_default # Set the required email parameters in /etc/crowdsec/notifications/email.yaml before enabling this.
|
|
on_success: break |