Signal Push frquency and signal date

Created on 10 January 2023, over 1 year ago

Updated 25 January 2023, over 1 year ago

Problem/Motivation

Two small issues around the signal pushing mechanics:

1) The push is in sync with the website's cron this might not be frequent enough to have fresh signals
2) The signal date is generated on push, this doesn't reflect the reality of the attack

1) Would it be possible to have a custom cron frequency of 5 to 30 minutes for pushing signals ?

By default the cron frequency is 3 hours, the minimum is 1 hour, and it can go up to a week this doesn't fit well the realtime signaling that would allow crowdsec to make relevant decisions regarding the attacking IP and propagate in near real time the information via the community blocklist.

If there is a way to have it run at a higher frequency (every 5 to 30 minutes, ideally 5 to 10) that'd be great

An other easy solution would also be to create a command to push the signals and add to the documentation the need to create a cron for this command running every 5 minutes.

2) Add the time of signal

Along side the scenario,IP and duration, it would be good to save the timestamp of the signal. This information is important for CrowdSec's expert system to analyse the attacks

📌 Task

Status

Fixed

Version

1.0

Component

Code

Created by

🇫🇷France rr404

Live updates comments and jobs are added and updated live.

Incomplete comments

Comments & Activities

Not all content is available!

It's likely this issue predates Contrib.social: some issue and comment data are missing.

Comment over 1 year ago →
System Message
Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions

Production build 0.71.5 2024