Automatically closed - issue fixed for 2 weeks with no activity.
Two small issues around the signal pushing mechanics:
By default the cron frequency is 3 hours, the minimum is 1 hour, and it can go up to a week this doesn't fit well the realtime signaling that would allow crowdsec to make relevant decisions regarding the attacking IP and propagate in near real time the information via the community blocklist.
If there is a way to have it run at a higher frequency (every 5 to 30 minutes, ideally 5 to 10) that'd be great
An other easy solution would also be to create a command to push the signals and add to the documentation the need to create a cron for this command running every 5 minutes.
Along side the scenario,IP and duration, it would be good to save the timestamp of the signal. This information is important for CrowdSec's expert system to analyse the attacks
Fixed
1.0
Code
Not all content is available!
It's likely this issue predates Contrib.social: some issue and comment data are missing.
Automatically closed - issue fixed for 2 weeks with no activity.