log acquisition
With the recent addition of https://docs.crowdsec.net/docs/log_processor/data_sources/docker/#swarm I wondered what would be the recommended way to acquite logs from traefik and bouncer: https://github.com/maxlerebourg/crowdsec-bouncer-traefik-plugin .
Questions:
- Should I use a bind mounts or use the new api to read logs directly from the Docker Data Source.
- What are tradeoffs? (pros/cons)
- How does Crowdsec read from swarm/docker directly (technical). I think it uses the docker socket.
Traefik adds a disclaimer: Accessing the Docker API without any restriction is a security concern
https://doc.traefik.io/traefik/reference/install-configuration/providers/docker/#docker-api-access
⇒ would this apply to crowdsec too?
Thanks in advance!
GitHub
GitHub - maxlerebourg/crowdsec-bouncer-traefik-plugin: Traefik plug...
Traefik plugin for Crowdsec - WAF and IP protection - maxlerebourg/crowdsec-bouncer-traefik-plugin
Traefik Docker Documentation - Traefik
Learn how to achieve configuration discovery in Traefik through Docker. Read the technical documentation.
Docker | CrowdSec
This module allows the Security Engine to acquire logs from running containers, in one-shot and streaming mode.
1 Reply
Important Information
Thank you for getting in touch with your support request. To expedite a swift resolution, could you kindly provide the following information? Rest assured, we will respond promptly, and we greatly appreciate your patience. While you wait, please check the links below to see if this issue has been previously addressed. If you have managed to resolve it, please use run the command
/resolve or press the green resolve button below.Log Files
If you possess any log files that you believe could be beneficial, please include them at this time. By default, CrowdSec logs to /var/log/, where you will discover a corresponding log file for each component.
Guide Followed (CrowdSec Official)
If you have diligently followed one of our guides and hit a roadblock, please share the guide with us. This will help us assess if any adjustments are necessary to assist you further.
Screenshots
Please forward any screenshots depicting errors you encounter. Your visuals will provide us with a clear view of the issues you are facing.
© Created By WhyAydan for CrowdSec ❤️