Query local api for scenario containing http
Hi,
I have read the documentation here : https://docs.crowdsec.net/docs/next/local_api/bouncers/
I see that we can query the LAPI for a specific IP, but not for scenario containing something, like "http" or "appsec".
My main goal is to query the LAPI but ask only for decisions where the scenarios contain a certain pattern (like http/appsec).
atm I just query everything and filter later on the client side, but maybe it can use less ressources if I can filter on the LAPI request...
For Remediation Components | CrowdSec
This page explains how to interact with the local API exposed by the Security Engine.
5 Replies
Important Information
This post has been marked as resolved. If this is a mistake please press the red button below or type
/unresolve© Created By WhyAydan for CrowdSec ❤️
When manually querying LAPI, you can refer to the swagger file here https://github.com/crowdsecurity/crowdsec/blob/master/pkg/models/localapi_swagger.yaml#L53 or here https://crowdsecurity.github.io/api_doc/lapi/#/Remediation%20component/getDecisionsStream if you want a web UI to visualize it
GitHub
crowdsec/pkg/models/localapi_swagger.yaml at master · crowdsecurity...
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI. - crowdsecurity/crowdsec
In your case, you are looking for the
scenarios_containing parameteroh, nice page to get more information !
Thx, exactly what I was searching for !
Resolving Query local api for scenario containing http
This has now been resolved. If you think this is a mistake please run
/unresolve