github.com/crowdsecurity/crowdsec@v1.6.1/pkg/apiserver/tests/alert_bulk.json (about) 1 [ 2 { 3 "capacity": 5, 4 "decisions": null, 5 "events": [ 6 { 7 "meta": [ 8 { 9 "key": "ASNOrg", 10 "value": "OVH SAS" 11 }, 12 { 13 "key": "SourceRange", 14 "value": "91.121.72.0/21" 15 }, 16 { 17 "key": "target_user", 18 "value": "root" 19 }, 20 { 21 "key": "source_ip", 22 "value": "91.121.79.195" 23 }, 24 { 25 "key": "IsoCode", 26 "value": "FR" 27 }, 28 { 29 "key": "ASNNumber", 30 "value": "16276" 31 }, 32 { 33 "key": "service", 34 "value": "ssh" 35 }, 36 { 37 "key": "log_type", 38 "value": "ssh_failed-auth" 39 }, 40 { 41 "key": "IsInEU", 42 "value": "true" 43 } 44 ], 45 "timestamp": "2020-10-02T17:09:08Z" 46 }, 47 { 48 "meta": [ 49 { 50 "key": "source_ip", 51 "value": "91.121.79.195" 52 }, 53 { 54 "key": "IsoCode", 55 "value": "FR" 56 }, 57 { 58 "key": "log_type", 59 "value": "ssh_failed-auth" 60 }, 61 { 62 "key": "service", 63 "value": "ssh" 64 }, 65 { 66 "key": "IsInEU", 67 "value": "true" 68 }, 69 { 70 "key": "ASNNumber", 71 "value": "16276" 72 }, 73 { 74 "key": "ASNOrg", 75 "value": "OVH SAS" 76 }, 77 { 78 "key": "SourceRange", 79 "value": "91.121.72.0/21" 80 }, 81 { 82 "key": "target_user", 83 "value": "root" 84 } 85 ], 86 "timestamp": "2020-10-02T17:09:08Z" 87 }, 88 { 89 "meta": [ 90 { 91 "key": "target_user", 92 "value": "root" 93 }, 94 { 95 "key": "IsInEU", 96 "value": "true" 97 }, 98 { 99 "key": "ASNNumber", 100 "value": "16276" 101 }, 102 { 103 "key": "service", 104 "value": "ssh" 105 }, 106 { 107 "key": "log_type", 108 "value": "ssh_failed-auth" 109 }, 110 { 111 "key": "source_ip", 112 "value": "91.121.79.195" 113 }, 114 { 115 "key": "IsoCode", 116 "value": "FR" 117 }, 118 { 119 "key": "ASNOrg", 120 "value": "OVH SAS" 121 }, 122 { 123 "key": "SourceRange", 124 "value": "91.121.72.0/21" 125 } 126 ], 127 "timestamp": "2020-10-02T17:09:08Z" 128 }, 129 { 130 "meta": [ 131 { 132 "key": "ASNNumber", 133 "value": "16276" 134 }, 135 { 136 "key": "ASNOrg", 137 "value": "OVH SAS" 138 }, 139 { 140 "key": "service", 141 "value": "ssh" 142 }, 143 { 144 "key": "source_ip", 145 "value": "91.121.79.195" 146 }, 147 { 148 "key": "IsoCode", 149 "value": "FR" 150 }, 151 { 152 "key": "SourceRange", 153 "value": "91.121.72.0/21" 154 }, 155 { 156 "key": "target_user", 157 "value": "root" 158 }, 159 { 160 "key": "log_type", 161 "value": "ssh_failed-auth" 162 }, 163 { 164 "key": "IsInEU", 165 "value": "true" 166 } 167 ], 168 "timestamp": "2020-10-02T17:09:08Z" 169 }, 170 { 171 "meta": [ 172 { 173 "key": "SourceRange", 174 "value": "91.121.72.0/21" 175 }, 176 { 177 "key": "target_user", 178 "value": "root" 179 }, 180 { 181 "key": "service", 182 "value": "ssh" 183 }, 184 { 185 "key": "log_type", 186 "value": "ssh_failed-auth" 187 }, 188 { 189 "key": "source_ip", 190 "value": "91.121.79.195" 191 }, 192 { 193 "key": "IsoCode", 194 "value": "FR" 195 }, 196 { 197 "key": "IsInEU", 198 "value": "true" 199 }, 200 { 201 "key": "ASNNumber", 202 "value": "16276" 203 }, 204 { 205 "key": "ASNOrg", 206 "value": "OVH SAS" 207 } 208 ], 209 "timestamp": "2020-10-02T17:09:08Z" 210 }, 211 { 212 "meta": [ 213 { 214 "key": "log_type", 215 "value": "ssh_failed-auth" 216 }, 217 { 218 "key": "source_ip", 219 "value": "91.121.79.195" 220 }, 221 { 222 "key": "ASNNumber", 223 "value": "16276" 224 }, 225 { 226 "key": "ASNOrg", 227 "value": "OVH SAS" 228 }, 229 { 230 "key": "SourceRange", 231 "value": "91.121.72.0/21" 232 }, 233 { 234 "key": "target_user", 235 "value": "root" 236 }, 237 { 238 "key": "service", 239 "value": "ssh" 240 }, 241 { 242 "key": "IsoCode", 243 "value": "FR" 244 }, 245 { 246 "key": "IsInEU", 247 "value": "true" 248 } 249 ], 250 "timestamp": "2020-10-02T17:09:08Z" 251 } 252 ], 253 "events_count": 6, 254 "labels": null, 255 "leakspeed": "10s", 256 "message": "Ip 91.121.79.195 performed 'crowdsecurity/ssh-bf' (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 257 "remediation": true, 258 "scenario": "crowdsecurity/ssh-bf", 259 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 260 "scenario_version": "0.1", 261 "simulated": false, 262 "source": { 263 "as_name": "OVH SAS", 264 "cn": "FR", 265 "ip": "91.121.79.195", 266 "latitude": 50.646, 267 "longitude": 3.0758, 268 "range": "91.121.72.0/21", 269 "scope": "Ip", 270 "value": "91.121.79.195" 271 }, 272 "start_at": "2020-10-26T12:52:58.153861334+01:00", 273 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 274 }, 275 { 276 "capacity": 5, 277 "decisions": null, 278 "events": [ 279 { 280 "meta": [ 281 { 282 "key": "IsoCode", 283 "value": "US" 284 }, 285 { 286 "key": "IsInEU", 287 "value": "false" 288 }, 289 { 290 "key": "ASNNumber", 291 "value": "0" 292 }, 293 { 294 "key": "target_user", 295 "value": "ruru" 296 }, 297 { 298 "key": "service", 299 "value": "ssh" 300 }, 301 { 302 "key": "log_type", 303 "value": "ssh_failed-auth" 304 }, 305 { 306 "key": "source_ip", 307 "value": "1.2.3.4" 308 } 309 ], 310 "timestamp": "2020-10-02T17:09:08Z" 311 }, 312 { 313 "meta": [ 314 { 315 "key": "IsInEU", 316 "value": "false" 317 }, 318 { 319 "key": "ASNNumber", 320 "value": "0" 321 }, 322 { 323 "key": "target_user", 324 "value": "ruru" 325 }, 326 { 327 "key": "service", 328 "value": "ssh" 329 }, 330 { 331 "key": "log_type", 332 "value": "ssh_failed-auth" 333 }, 334 { 335 "key": "source_ip", 336 "value": "1.2.3.4" 337 }, 338 { 339 "key": "IsoCode", 340 "value": "US" 341 } 342 ], 343 "timestamp": "2020-10-02T17:09:08Z" 344 }, 345 { 346 "meta": [ 347 { 348 "key": "target_user", 349 "value": "ruru" 350 }, 351 { 352 "key": "service", 353 "value": "ssh" 354 }, 355 { 356 "key": "log_type", 357 "value": "ssh_failed-auth" 358 }, 359 { 360 "key": "source_ip", 361 "value": "1.2.3.4" 362 }, 363 { 364 "key": "IsoCode", 365 "value": "US" 366 }, 367 { 368 "key": "IsInEU", 369 "value": "false" 370 }, 371 { 372 "key": "ASNNumber", 373 "value": "0" 374 } 375 ], 376 "timestamp": "2020-10-02T17:09:08Z" 377 }, 378 { 379 "meta": [ 380 { 381 "key": "target_user", 382 "value": "ruru" 383 }, 384 { 385 "key": "service", 386 "value": "ssh" 387 }, 388 { 389 "key": "log_type", 390 "value": "ssh_failed-auth" 391 }, 392 { 393 "key": "source_ip", 394 "value": "1.2.3.4" 395 }, 396 { 397 "key": "IsoCode", 398 "value": "US" 399 }, 400 { 401 "key": "IsInEU", 402 "value": "false" 403 }, 404 { 405 "key": "ASNNumber", 406 "value": "0" 407 } 408 ], 409 "timestamp": "2020-10-02T17:09:08Z" 410 }, 411 { 412 "meta": [ 413 { 414 "key": "service", 415 "value": "ssh" 416 }, 417 { 418 "key": "log_type", 419 "value": "ssh_failed-auth" 420 }, 421 { 422 "key": "source_ip", 423 "value": "1.2.3.4" 424 }, 425 { 426 "key": "IsoCode", 427 "value": "US" 428 }, 429 { 430 "key": "IsInEU", 431 "value": "false" 432 }, 433 { 434 "key": "ASNNumber", 435 "value": "0" 436 }, 437 { 438 "key": "target_user", 439 "value": "ruru" 440 } 441 ], 442 "timestamp": "2020-10-02T17:09:08Z" 443 }, 444 { 445 "meta": [ 446 { 447 "key": "log_type", 448 "value": "ssh_failed-auth" 449 }, 450 { 451 "key": "source_ip", 452 "value": "1.2.3.4" 453 }, 454 { 455 "key": "IsoCode", 456 "value": "US" 457 }, 458 { 459 "key": "IsInEU", 460 "value": "false" 461 }, 462 { 463 "key": "ASNNumber", 464 "value": "0" 465 }, 466 { 467 "key": "target_user", 468 "value": "ruru" 469 }, 470 { 471 "key": "service", 472 "value": "ssh" 473 } 474 ], 475 "timestamp": "2020-10-02T17:09:08Z" 476 } 477 ], 478 "events_count": 6, 479 "labels": null, 480 "leakspeed": "10s", 481 "message": "Ip 1.2.3.4 performed 'crowdsecurity/ssh-bf' (6 events over 41.41343ms) at 2020-10-26 12:54:48.786745305 +0100 CET m=+118.777986380", 482 "remediation": true, 483 "scenario": "crowdsecurity/ssh-bf", 484 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 485 "scenario_version": "0.1", 486 "simulated": false, 487 "source": { 488 "cn": "US", 489 "ip": "1.2.3.4", 490 "latitude": 47.913, 491 "longitude": -122.3042, 492 "scope": "Ip", 493 "value": "1.2.3.4" 494 }, 495 "start_at": "2020-10-26T12:54:48.745331839+01:00", 496 "stop_at": "2020-10-26T12:54:48.786744746+01:00" 497 }, 498 { 499 "capacity": 5, 500 "decisions": null, 501 "events": [ 502 { 503 "meta": [ 504 { 505 "key": "target_user", 506 "value": "rura" 507 }, 508 { 509 "key": "service", 510 "value": "ssh" 511 }, 512 { 513 "key": "log_type", 514 "value": "ssh_failed-auth" 515 }, 516 { 517 "key": "source_ip", 518 "value": "1.2.3.6" 519 }, 520 { 521 "key": "IsoCode", 522 "value": "US" 523 }, 524 { 525 "key": "IsInEU", 526 "value": "false" 527 }, 528 { 529 "key": "ASNNumber", 530 "value": "0" 531 } 532 ], 533 "timestamp": "2020-10-02T17:09:08Z" 534 }, 535 { 536 "meta": [ 537 { 538 "key": "source_ip", 539 "value": "1.2.3.6" 540 }, 541 { 542 "key": "IsoCode", 543 "value": "US" 544 }, 545 { 546 "key": "IsInEU", 547 "value": "false" 548 }, 549 { 550 "key": "ASNNumber", 551 "value": "0" 552 }, 553 { 554 "key": "target_user", 555 "value": "rura" 556 }, 557 { 558 "key": "service", 559 "value": "ssh" 560 }, 561 { 562 "key": "log_type", 563 "value": "ssh_failed-auth" 564 } 565 ], 566 "timestamp": "2020-10-02T17:09:08Z" 567 }, 568 { 569 "meta": [ 570 { 571 "key": "service", 572 "value": "ssh" 573 }, 574 { 575 "key": "log_type", 576 "value": "ssh_failed-auth" 577 }, 578 { 579 "key": "source_ip", 580 "value": "1.2.3.6" 581 }, 582 { 583 "key": "IsoCode", 584 "value": "US" 585 }, 586 { 587 "key": "IsInEU", 588 "value": "false" 589 }, 590 { 591 "key": "ASNNumber", 592 "value": "0" 593 }, 594 { 595 "key": "target_user", 596 "value": "rura" 597 } 598 ], 599 "timestamp": "2020-10-02T17:09:08Z" 600 }, 601 { 602 "meta": [ 603 { 604 "key": "service", 605 "value": "ssh" 606 }, 607 { 608 "key": "log_type", 609 "value": "ssh_failed-auth" 610 }, 611 { 612 "key": "source_ip", 613 "value": "1.2.3.6" 614 }, 615 { 616 "key": "IsoCode", 617 "value": "US" 618 }, 619 { 620 "key": "IsInEU", 621 "value": "false" 622 }, 623 { 624 "key": "ASNNumber", 625 "value": "0" 626 }, 627 { 628 "key": "target_user", 629 "value": "rura" 630 } 631 ], 632 "timestamp": "2020-10-02T17:09:08Z" 633 }, 634 { 635 "meta": [ 636 { 637 "key": "target_user", 638 "value": "rura" 639 }, 640 { 641 "key": "service", 642 "value": "ssh" 643 }, 644 { 645 "key": "log_type", 646 "value": "ssh_failed-auth" 647 }, 648 { 649 "key": "source_ip", 650 "value": "1.2.3.6" 651 }, 652 { 653 "key": "IsoCode", 654 "value": "US" 655 }, 656 { 657 "key": "IsInEU", 658 "value": "false" 659 }, 660 { 661 "key": "ASNNumber", 662 "value": "0" 663 } 664 ], 665 "timestamp": "2020-10-02T17:09:08Z" 666 }, 667 { 668 "meta": [ 669 { 670 "key": "target_user", 671 "value": "rura" 672 }, 673 { 674 "key": "service", 675 "value": "ssh" 676 }, 677 { 678 "key": "log_type", 679 "value": "ssh_failed-auth" 680 }, 681 { 682 "key": "source_ip", 683 "value": "1.2.3.6" 684 }, 685 { 686 "key": "IsoCode", 687 "value": "US" 688 }, 689 { 690 "key": "IsInEU", 691 "value": "false" 692 }, 693 { 694 "key": "ASNNumber", 695 "value": "0" 696 } 697 ], 698 "timestamp": "2020-10-02T17:09:08Z" 699 } 700 ], 701 "events_count": 6, 702 "labels": null, 703 "leakspeed": "10s", 704 "message": "Ip 1.2.3.6 performed 'crowdsecurity/ssh-bf' (6 events over 33.162937ms) at 2020-10-26 12:55:33.554883657 +0100 CET m=+163.546124740", 705 "remediation": true, 706 "scenario": "crowdsecurity/ssh-bf", 707 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 708 "scenario_version": "0.1", 709 "simulated": false, 710 "source": { 711 "cn": "US", 712 "ip": "1.2.3.6", 713 "latitude": 47.913, 714 "longitude": -122.3042, 715 "scope": "Ip", 716 "value": "1.2.3.6" 717 }, 718 "start_at": "2020-10-26T12:55:33.521720645+01:00", 719 "stop_at": "2020-10-26T12:55:33.554882819+01:00" 720 }, 721 { 722 "capacity": 5, 723 "decisions": null, 724 "events": [ 725 { 726 "meta": [ 727 { 728 "key": "ASNOrg", 729 "value": "OVH SAS" 730 }, 731 { 732 "key": "SourceRange", 733 "value": "91.121.72.0/21" 734 }, 735 { 736 "key": "target_user", 737 "value": "root" 738 }, 739 { 740 "key": "source_ip", 741 "value": "91.121.79.194" 742 }, 743 { 744 "key": "IsoCode", 745 "value": "FR" 746 }, 747 { 748 "key": "ASNNumber", 749 "value": "16276" 750 }, 751 { 752 "key": "service", 753 "value": "ssh" 754 }, 755 { 756 "key": "log_type", 757 "value": "ssh_failed-auth" 758 }, 759 { 760 "key": "IsInEU", 761 "value": "true" 762 } 763 ], 764 "timestamp": "2020-10-02T17:09:08Z" 765 }, 766 { 767 "meta": [ 768 { 769 "key": "source_ip", 770 "value": "91.121.79.194" 771 }, 772 { 773 "key": "IsoCode", 774 "value": "FR" 775 }, 776 { 777 "key": "log_type", 778 "value": "ssh_failed-auth" 779 }, 780 { 781 "key": "service", 782 "value": "ssh" 783 }, 784 { 785 "key": "IsInEU", 786 "value": "true" 787 }, 788 { 789 "key": "ASNNumber", 790 "value": "16276" 791 }, 792 { 793 "key": "ASNOrg", 794 "value": "OVH SAS" 795 }, 796 { 797 "key": "SourceRange", 798 "value": "91.121.72.0/21" 799 }, 800 { 801 "key": "target_user", 802 "value": "root" 803 } 804 ], 805 "timestamp": "2020-10-02T17:09:08Z" 806 }, 807 { 808 "meta": [ 809 { 810 "key": "target_user", 811 "value": "root" 812 }, 813 { 814 "key": "IsInEU", 815 "value": "true" 816 }, 817 { 818 "key": "ASNNumber", 819 "value": "16276" 820 }, 821 { 822 "key": "service", 823 "value": "ssh" 824 }, 825 { 826 "key": "log_type", 827 "value": "ssh_failed-auth" 828 }, 829 { 830 "key": "source_ip", 831 "value": "91.121.79.194" 832 }, 833 { 834 "key": "IsoCode", 835 "value": "FR" 836 }, 837 { 838 "key": "ASNOrg", 839 "value": "OVH SAS" 840 }, 841 { 842 "key": "SourceRange", 843 "value": "91.121.72.0/21" 844 } 845 ], 846 "timestamp": "2020-10-02T17:09:08Z" 847 }, 848 { 849 "meta": [ 850 { 851 "key": "ASNNumber", 852 "value": "16276" 853 }, 854 { 855 "key": "ASNOrg", 856 "value": "OVH SAS" 857 }, 858 { 859 "key": "service", 860 "value": "ssh" 861 }, 862 { 863 "key": "source_ip", 864 "value": "91.121.79.194" 865 }, 866 { 867 "key": "IsoCode", 868 "value": "FR" 869 }, 870 { 871 "key": "SourceRange", 872 "value": "91.121.72.0/21" 873 }, 874 { 875 "key": "target_user", 876 "value": "root" 877 }, 878 { 879 "key": "log_type", 880 "value": "ssh_failed-auth" 881 }, 882 { 883 "key": "IsInEU", 884 "value": "true" 885 } 886 ], 887 "timestamp": "2020-10-02T17:09:08Z" 888 }, 889 { 890 "meta": [ 891 { 892 "key": "SourceRange", 893 "value": "91.121.72.0/21" 894 }, 895 { 896 "key": "target_user", 897 "value": "root" 898 }, 899 { 900 "key": "service", 901 "value": "ssh" 902 }, 903 { 904 "key": "log_type", 905 "value": "ssh_failed-auth" 906 }, 907 { 908 "key": "source_ip", 909 "value": "91.121.79.194" 910 }, 911 { 912 "key": "IsoCode", 913 "value": "FR" 914 }, 915 { 916 "key": "IsInEU", 917 "value": "true" 918 }, 919 { 920 "key": "ASNNumber", 921 "value": "16276" 922 }, 923 { 924 "key": "ASNOrg", 925 "value": "OVH SAS" 926 } 927 ], 928 "timestamp": "2020-10-02T17:09:08Z" 929 }, 930 { 931 "meta": [ 932 { 933 "key": "log_type", 934 "value": "ssh_failed-auth" 935 }, 936 { 937 "key": "source_ip", 938 "value": "91.121.79.194" 939 }, 940 { 941 "key": "ASNNumber", 942 "value": "16276" 943 }, 944 { 945 "key": "ASNOrg", 946 "value": "OVH SAS" 947 }, 948 { 949 "key": "SourceRange", 950 "value": "91.121.72.0/21" 951 }, 952 { 953 "key": "target_user", 954 "value": "root" 955 }, 956 { 957 "key": "service", 958 "value": "ssh" 959 }, 960 { 961 "key": "IsoCode", 962 "value": "FR" 963 }, 964 { 965 "key": "IsInEU", 966 "value": "true" 967 } 968 ], 969 "timestamp": "2020-10-02T17:09:08Z" 970 } 971 ], 972 "events_count": 6, 973 "labels": null, 974 "leakspeed": "10s", 975 "message": "Ip 91.121.79.194 performed 'crowdsecurity/ssh-bf' (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 976 "remediation": true, 977 "scenario": "crowdsecurity/ssh-bf", 978 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 979 "scenario_version": "0.1", 980 "simulated": false, 981 "source": { 982 "as_name": "OVH SAS", 983 "cn": "FR", 984 "ip": "91.121.79.194", 985 "latitude": 50.646, 986 "longitude": 3.0758, 987 "range": "91.121.72.0/21", 988 "scope": "Ip", 989 "value": "91.121.79.194" 990 }, 991 "start_at": "2020-10-26T12:52:58.153861334+01:00", 992 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 993 }, 994 { 995 "capacity": 5, 996 "decisions": null, 997 "events": [ 998 { 999 "meta": [ 1000 { 1001 "key": "ASNOrg", 1002 "value": "OVH SAS" 1003 }, 1004 { 1005 "key": "SourceRange", 1006 "value": "91.121.72.0/21" 1007 }, 1008 { 1009 "key": "target_user", 1010 "value": "root" 1011 }, 1012 { 1013 "key": "source_ip", 1014 "value": "91.121.79.193" 1015 }, 1016 { 1017 "key": "IsoCode", 1018 "value": "FR" 1019 }, 1020 { 1021 "key": "ASNNumber", 1022 "value": "16276" 1023 }, 1024 { 1025 "key": "service", 1026 "value": "ssh" 1027 }, 1028 { 1029 "key": "log_type", 1030 "value": "ssh_failed-auth" 1031 }, 1032 { 1033 "key": "IsInEU", 1034 "value": "true" 1035 } 1036 ], 1037 "timestamp": "2020-10-02T17:09:08Z" 1038 }, 1039 { 1040 "meta": [ 1041 { 1042 "key": "source_ip", 1043 "value": "91.121.79.193" 1044 }, 1045 { 1046 "key": "IsoCode", 1047 "value": "FR" 1048 }, 1049 { 1050 "key": "log_type", 1051 "value": "ssh_failed-auth" 1052 }, 1053 { 1054 "key": "service", 1055 "value": "ssh" 1056 }, 1057 { 1058 "key": "IsInEU", 1059 "value": "true" 1060 }, 1061 { 1062 "key": "ASNNumber", 1063 "value": "16276" 1064 }, 1065 { 1066 "key": "ASNOrg", 1067 "value": "OVH SAS" 1068 }, 1069 { 1070 "key": "SourceRange", 1071 "value": "91.121.72.0/21" 1072 }, 1073 { 1074 "key": "target_user", 1075 "value": "root" 1076 } 1077 ], 1078 "timestamp": "2020-10-02T17:09:08Z" 1079 }, 1080 { 1081 "meta": [ 1082 { 1083 "key": "target_user", 1084 "value": "root" 1085 }, 1086 { 1087 "key": "IsInEU", 1088 "value": "true" 1089 }, 1090 { 1091 "key": "ASNNumber", 1092 "value": "16276" 1093 }, 1094 { 1095 "key": "service", 1096 "value": "ssh" 1097 }, 1098 { 1099 "key": "log_type", 1100 "value": "ssh_failed-auth" 1101 }, 1102 { 1103 "key": "source_ip", 1104 "value": "91.121.79.193" 1105 }, 1106 { 1107 "key": "IsoCode", 1108 "value": "FR" 1109 }, 1110 { 1111 "key": "ASNOrg", 1112 "value": "OVH SAS" 1113 }, 1114 { 1115 "key": "SourceRange", 1116 "value": "91.121.72.0/21" 1117 } 1118 ], 1119 "timestamp": "2020-10-02T17:09:08Z" 1120 }, 1121 { 1122 "meta": [ 1123 { 1124 "key": "ASNNumber", 1125 "value": "16276" 1126 }, 1127 { 1128 "key": "ASNOrg", 1129 "value": "OVH SAS" 1130 }, 1131 { 1132 "key": "service", 1133 "value": "ssh" 1134 }, 1135 { 1136 "key": "source_ip", 1137 "value": "91.121.79.193" 1138 }, 1139 { 1140 "key": "IsoCode", 1141 "value": "FR" 1142 }, 1143 { 1144 "key": "SourceRange", 1145 "value": "91.121.72.0/21" 1146 }, 1147 { 1148 "key": "target_user", 1149 "value": "root" 1150 }, 1151 { 1152 "key": "log_type", 1153 "value": "ssh_failed-auth" 1154 }, 1155 { 1156 "key": "IsInEU", 1157 "value": "true" 1158 } 1159 ], 1160 "timestamp": "2020-10-02T17:09:08Z" 1161 }, 1162 { 1163 "meta": [ 1164 { 1165 "key": "SourceRange", 1166 "value": "91.121.72.0/21" 1167 }, 1168 { 1169 "key": "target_user", 1170 "value": "root" 1171 }, 1172 { 1173 "key": "service", 1174 "value": "ssh" 1175 }, 1176 { 1177 "key": "log_type", 1178 "value": "ssh_failed-auth" 1179 }, 1180 { 1181 "key": "source_ip", 1182 "value": "91.121.79.193" 1183 }, 1184 { 1185 "key": "IsoCode", 1186 "value": "FR" 1187 }, 1188 { 1189 "key": "IsInEU", 1190 "value": "true" 1191 }, 1192 { 1193 "key": "ASNNumber", 1194 "value": "16276" 1195 }, 1196 { 1197 "key": "ASNOrg", 1198 "value": "OVH SAS" 1199 } 1200 ], 1201 "timestamp": "2020-10-02T17:09:08Z" 1202 }, 1203 { 1204 "meta": [ 1205 { 1206 "key": "log_type", 1207 "value": "ssh_failed-auth" 1208 }, 1209 { 1210 "key": "source_ip", 1211 "value": "91.121.79.193" 1212 }, 1213 { 1214 "key": "ASNNumber", 1215 "value": "16276" 1216 }, 1217 { 1218 "key": "ASNOrg", 1219 "value": "OVH SAS" 1220 }, 1221 { 1222 "key": "SourceRange", 1223 "value": "91.121.72.0/21" 1224 }, 1225 { 1226 "key": "target_user", 1227 "value": "root" 1228 }, 1229 { 1230 "key": "service", 1231 "value": "ssh" 1232 }, 1233 { 1234 "key": "IsoCode", 1235 "value": "FR" 1236 }, 1237 { 1238 "key": "IsInEU", 1239 "value": "true" 1240 } 1241 ], 1242 "timestamp": "2020-10-02T17:09:08Z" 1243 } 1244 ], 1245 "events_count": 6, 1246 "labels": null, 1247 "leakspeed": "10s", 1248 "message": "Ip 91.121.79.193 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 1249 "remediation": true, 1250 "scenario": "crowdsecurity/ssh-bf", 1251 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 1252 "scenario_version": "0.1", 1253 "simulated": false, 1254 "source": { 1255 "as_name": "OVH SAS", 1256 "cn": "FR", 1257 "ip": "91.121.79.193", 1258 "latitude": 50.646, 1259 "longitude": 3.0758, 1260 "range": "91.121.72.0/21", 1261 "scope": "Ip", 1262 "value": "91.121.79.193" 1263 }, 1264 "start_at": "2020-10-26T12:52:58.153861334+01:00", 1265 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 1266 }, 1267 { 1268 "capacity": 5, 1269 "decisions": null, 1270 "events": [ 1271 { 1272 "meta": [ 1273 { 1274 "key": "ASNOrg", 1275 "value": "OVH SAS" 1276 }, 1277 { 1278 "key": "SourceRange", 1279 "value": "91.121.72.0/21" 1280 }, 1281 { 1282 "key": "target_user", 1283 "value": "root" 1284 }, 1285 { 1286 "key": "source_ip", 1287 "value": "91.121.79.192" 1288 }, 1289 { 1290 "key": "IsoCode", 1291 "value": "FR" 1292 }, 1293 { 1294 "key": "ASNNumber", 1295 "value": "16276" 1296 }, 1297 { 1298 "key": "service", 1299 "value": "ssh" 1300 }, 1301 { 1302 "key": "log_type", 1303 "value": "ssh_failed-auth" 1304 }, 1305 { 1306 "key": "IsInEU", 1307 "value": "true" 1308 } 1309 ], 1310 "timestamp": "2020-10-02T17:09:08Z" 1311 }, 1312 { 1313 "meta": [ 1314 { 1315 "key": "source_ip", 1316 "value": "91.121.79.192" 1317 }, 1318 { 1319 "key": "IsoCode", 1320 "value": "FR" 1321 }, 1322 { 1323 "key": "log_type", 1324 "value": "ssh_failed-auth" 1325 }, 1326 { 1327 "key": "service", 1328 "value": "ssh" 1329 }, 1330 { 1331 "key": "IsInEU", 1332 "value": "true" 1333 }, 1334 { 1335 "key": "ASNNumber", 1336 "value": "16276" 1337 }, 1338 { 1339 "key": "ASNOrg", 1340 "value": "OVH SAS" 1341 }, 1342 { 1343 "key": "SourceRange", 1344 "value": "91.121.72.0/21" 1345 }, 1346 { 1347 "key": "target_user", 1348 "value": "root" 1349 } 1350 ], 1351 "timestamp": "2020-10-02T17:09:08Z" 1352 }, 1353 { 1354 "meta": [ 1355 { 1356 "key": "target_user", 1357 "value": "root" 1358 }, 1359 { 1360 "key": "IsInEU", 1361 "value": "true" 1362 }, 1363 { 1364 "key": "ASNNumber", 1365 "value": "16276" 1366 }, 1367 { 1368 "key": "service", 1369 "value": "ssh" 1370 }, 1371 { 1372 "key": "log_type", 1373 "value": "ssh_failed-auth" 1374 }, 1375 { 1376 "key": "source_ip", 1377 "value": "91.121.79.192" 1378 }, 1379 { 1380 "key": "IsoCode", 1381 "value": "FR" 1382 }, 1383 { 1384 "key": "ASNOrg", 1385 "value": "OVH SAS" 1386 }, 1387 { 1388 "key": "SourceRange", 1389 "value": "91.121.72.0/21" 1390 } 1391 ], 1392 "timestamp": "2020-10-02T17:09:08Z" 1393 }, 1394 { 1395 "meta": [ 1396 { 1397 "key": "ASNNumber", 1398 "value": "16276" 1399 }, 1400 { 1401 "key": "ASNOrg", 1402 "value": "OVH SAS" 1403 }, 1404 { 1405 "key": "service", 1406 "value": "ssh" 1407 }, 1408 { 1409 "key": "source_ip", 1410 "value": "91.121.79.192" 1411 }, 1412 { 1413 "key": "IsoCode", 1414 "value": "FR" 1415 }, 1416 { 1417 "key": "SourceRange", 1418 "value": "91.121.72.0/21" 1419 }, 1420 { 1421 "key": "target_user", 1422 "value": "root" 1423 }, 1424 { 1425 "key": "log_type", 1426 "value": "ssh_failed-auth" 1427 }, 1428 { 1429 "key": "IsInEU", 1430 "value": "true" 1431 } 1432 ], 1433 "timestamp": "2020-10-02T17:09:08Z" 1434 }, 1435 { 1436 "meta": [ 1437 { 1438 "key": "SourceRange", 1439 "value": "91.121.72.0/21" 1440 }, 1441 { 1442 "key": "target_user", 1443 "value": "root" 1444 }, 1445 { 1446 "key": "service", 1447 "value": "ssh" 1448 }, 1449 { 1450 "key": "log_type", 1451 "value": "ssh_failed-auth" 1452 }, 1453 { 1454 "key": "source_ip", 1455 "value": "91.121.79.192" 1456 }, 1457 { 1458 "key": "IsoCode", 1459 "value": "FR" 1460 }, 1461 { 1462 "key": "IsInEU", 1463 "value": "true" 1464 }, 1465 { 1466 "key": "ASNNumber", 1467 "value": "16276" 1468 }, 1469 { 1470 "key": "ASNOrg", 1471 "value": "OVH SAS" 1472 } 1473 ], 1474 "timestamp": "2020-10-02T17:09:08Z" 1475 }, 1476 { 1477 "meta": [ 1478 { 1479 "key": "log_type", 1480 "value": "ssh_failed-auth" 1481 }, 1482 { 1483 "key": "source_ip", 1484 "value": "91.121.79.192" 1485 }, 1486 { 1487 "key": "ASNNumber", 1488 "value": "16276" 1489 }, 1490 { 1491 "key": "ASNOrg", 1492 "value": "OVH SAS" 1493 }, 1494 { 1495 "key": "SourceRange", 1496 "value": "91.121.72.0/21" 1497 }, 1498 { 1499 "key": "target_user", 1500 "value": "root" 1501 }, 1502 { 1503 "key": "service", 1504 "value": "ssh" 1505 }, 1506 { 1507 "key": "IsoCode", 1508 "value": "FR" 1509 }, 1510 { 1511 "key": "IsInEU", 1512 "value": "true" 1513 } 1514 ], 1515 "timestamp": "2020-10-02T17:09:08Z" 1516 } 1517 ], 1518 "events_count": 6, 1519 "labels": null, 1520 "leakspeed": "10s", 1521 "message": "Ip 91.121.79.192 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 1522 "remediation": true, 1523 "scenario": "crowdsecurity/ssh-bf", 1524 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 1525 "scenario_version": "0.1", 1526 "simulated": false, 1527 "source": { 1528 "as_name": "OVH SAS", 1529 "cn": "FR", 1530 "ip": "91.121.79.192", 1531 "latitude": 50.646, 1532 "longitude": 3.0758, 1533 "range": "91.121.72.0/21", 1534 "scope": "Ip", 1535 "value": "91.121.79.192" 1536 }, 1537 "start_at": "2020-10-26T12:52:58.153861334+01:00", 1538 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 1539 }, 1540 { 1541 "capacity": 5, 1542 "decisions": null, 1543 "events": [ 1544 { 1545 "meta": [ 1546 { 1547 "key": "ASNOrg", 1548 "value": "OVH SAS" 1549 }, 1550 { 1551 "key": "SourceRange", 1552 "value": "91.121.72.0/21" 1553 }, 1554 { 1555 "key": "target_user", 1556 "value": "root" 1557 }, 1558 { 1559 "key": "source_ip", 1560 "value": "91.121.79.191" 1561 }, 1562 { 1563 "key": "IsoCode", 1564 "value": "FR" 1565 }, 1566 { 1567 "key": "ASNNumber", 1568 "value": "16276" 1569 }, 1570 { 1571 "key": "service", 1572 "value": "ssh" 1573 }, 1574 { 1575 "key": "log_type", 1576 "value": "ssh_failed-auth" 1577 }, 1578 { 1579 "key": "IsInEU", 1580 "value": "true" 1581 } 1582 ], 1583 "timestamp": "2020-10-02T17:09:08Z" 1584 }, 1585 { 1586 "meta": [ 1587 { 1588 "key": "source_ip", 1589 "value": "91.121.79.191" 1590 }, 1591 { 1592 "key": "IsoCode", 1593 "value": "FR" 1594 }, 1595 { 1596 "key": "log_type", 1597 "value": "ssh_failed-auth" 1598 }, 1599 { 1600 "key": "service", 1601 "value": "ssh" 1602 }, 1603 { 1604 "key": "IsInEU", 1605 "value": "true" 1606 }, 1607 { 1608 "key": "ASNNumber", 1609 "value": "16276" 1610 }, 1611 { 1612 "key": "ASNOrg", 1613 "value": "OVH SAS" 1614 }, 1615 { 1616 "key": "SourceRange", 1617 "value": "91.121.72.0/21" 1618 }, 1619 { 1620 "key": "target_user", 1621 "value": "root" 1622 } 1623 ], 1624 "timestamp": "2020-10-02T17:09:08Z" 1625 }, 1626 { 1627 "meta": [ 1628 { 1629 "key": "target_user", 1630 "value": "root" 1631 }, 1632 { 1633 "key": "IsInEU", 1634 "value": "true" 1635 }, 1636 { 1637 "key": "ASNNumber", 1638 "value": "16276" 1639 }, 1640 { 1641 "key": "service", 1642 "value": "ssh" 1643 }, 1644 { 1645 "key": "log_type", 1646 "value": "ssh_failed-auth" 1647 }, 1648 { 1649 "key": "source_ip", 1650 "value": "91.121.79.191" 1651 }, 1652 { 1653 "key": "IsoCode", 1654 "value": "FR" 1655 }, 1656 { 1657 "key": "ASNOrg", 1658 "value": "OVH SAS" 1659 }, 1660 { 1661 "key": "SourceRange", 1662 "value": "91.121.72.0/21" 1663 } 1664 ], 1665 "timestamp": "2020-10-02T17:09:08Z" 1666 }, 1667 { 1668 "meta": [ 1669 { 1670 "key": "ASNNumber", 1671 "value": "16276" 1672 }, 1673 { 1674 "key": "ASNOrg", 1675 "value": "OVH SAS" 1676 }, 1677 { 1678 "key": "service", 1679 "value": "ssh" 1680 }, 1681 { 1682 "key": "source_ip", 1683 "value": "91.121.79.191" 1684 }, 1685 { 1686 "key": "IsoCode", 1687 "value": "FR" 1688 }, 1689 { 1690 "key": "SourceRange", 1691 "value": "91.121.72.0/21" 1692 }, 1693 { 1694 "key": "target_user", 1695 "value": "root" 1696 }, 1697 { 1698 "key": "log_type", 1699 "value": "ssh_failed-auth" 1700 }, 1701 { 1702 "key": "IsInEU", 1703 "value": "true" 1704 } 1705 ], 1706 "timestamp": "2020-10-02T17:09:08Z" 1707 }, 1708 { 1709 "meta": [ 1710 { 1711 "key": "SourceRange", 1712 "value": "91.121.72.0/21" 1713 }, 1714 { 1715 "key": "target_user", 1716 "value": "root" 1717 }, 1718 { 1719 "key": "service", 1720 "value": "ssh" 1721 }, 1722 { 1723 "key": "log_type", 1724 "value": "ssh_failed-auth" 1725 }, 1726 { 1727 "key": "source_ip", 1728 "value": "91.121.79.191" 1729 }, 1730 { 1731 "key": "IsoCode", 1732 "value": "FR" 1733 }, 1734 { 1735 "key": "IsInEU", 1736 "value": "true" 1737 }, 1738 { 1739 "key": "ASNNumber", 1740 "value": "16276" 1741 }, 1742 { 1743 "key": "ASNOrg", 1744 "value": "OVH SAS" 1745 } 1746 ], 1747 "timestamp": "2020-10-02T17:09:08Z" 1748 }, 1749 { 1750 "meta": [ 1751 { 1752 "key": "log_type", 1753 "value": "ssh_failed-auth" 1754 }, 1755 { 1756 "key": "source_ip", 1757 "value": "91.121.79.191" 1758 }, 1759 { 1760 "key": "ASNNumber", 1761 "value": "16276" 1762 }, 1763 { 1764 "key": "ASNOrg", 1765 "value": "OVH SAS" 1766 }, 1767 { 1768 "key": "SourceRange", 1769 "value": "91.121.72.0/21" 1770 }, 1771 { 1772 "key": "target_user", 1773 "value": "root" 1774 }, 1775 { 1776 "key": "service", 1777 "value": "ssh" 1778 }, 1779 { 1780 "key": "IsoCode", 1781 "value": "FR" 1782 }, 1783 { 1784 "key": "IsInEU", 1785 "value": "true" 1786 } 1787 ], 1788 "timestamp": "2020-10-02T17:09:08Z" 1789 } 1790 ], 1791 "events_count": 6, 1792 "labels": null, 1793 "leakspeed": "10s", 1794 "message": "Ip 91.121.79.191 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 1795 "remediation": true, 1796 "scenario": "crowdsecurity/ssh-bf", 1797 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 1798 "scenario_version": "0.1", 1799 "simulated": false, 1800 "source": { 1801 "as_name": "OVH SAS", 1802 "cn": "FR", 1803 "ip": "91.121.79.191", 1804 "latitude": 50.646, 1805 "longitude": 3.0758, 1806 "range": "91.121.72.0/21", 1807 "scope": "Ip", 1808 "value": "91.121.79.191" 1809 }, 1810 "start_at": "2020-10-26T12:52:58.153861334+01:00", 1811 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 1812 }, 1813 { 1814 "capacity": 5, 1815 "decisions": null, 1816 "events": [ 1817 { 1818 "meta": [ 1819 { 1820 "key": "ASNOrg", 1821 "value": "OVH SAS" 1822 }, 1823 { 1824 "key": "SourceRange", 1825 "value": "91.121.72.0/21" 1826 }, 1827 { 1828 "key": "target_user", 1829 "value": "root" 1830 }, 1831 { 1832 "key": "source_ip", 1833 "value": "91.121.79.190" 1834 }, 1835 { 1836 "key": "IsoCode", 1837 "value": "FR" 1838 }, 1839 { 1840 "key": "ASNNumber", 1841 "value": "16276" 1842 }, 1843 { 1844 "key": "service", 1845 "value": "ssh" 1846 }, 1847 { 1848 "key": "log_type", 1849 "value": "ssh_failed-auth" 1850 }, 1851 { 1852 "key": "IsInEU", 1853 "value": "true" 1854 } 1855 ], 1856 "timestamp": "2020-10-02T17:09:08Z" 1857 }, 1858 { 1859 "meta": [ 1860 { 1861 "key": "source_ip", 1862 "value": "91.121.79.190" 1863 }, 1864 { 1865 "key": "IsoCode", 1866 "value": "FR" 1867 }, 1868 { 1869 "key": "log_type", 1870 "value": "ssh_failed-auth" 1871 }, 1872 { 1873 "key": "service", 1874 "value": "ssh" 1875 }, 1876 { 1877 "key": "IsInEU", 1878 "value": "true" 1879 }, 1880 { 1881 "key": "ASNNumber", 1882 "value": "16276" 1883 }, 1884 { 1885 "key": "ASNOrg", 1886 "value": "OVH SAS" 1887 }, 1888 { 1889 "key": "SourceRange", 1890 "value": "91.121.72.0/21" 1891 }, 1892 { 1893 "key": "target_user", 1894 "value": "root" 1895 } 1896 ], 1897 "timestamp": "2020-10-02T17:09:08Z" 1898 }, 1899 { 1900 "meta": [ 1901 { 1902 "key": "target_user", 1903 "value": "root" 1904 }, 1905 { 1906 "key": "IsInEU", 1907 "value": "true" 1908 }, 1909 { 1910 "key": "ASNNumber", 1911 "value": "16276" 1912 }, 1913 { 1914 "key": "service", 1915 "value": "ssh" 1916 }, 1917 { 1918 "key": "log_type", 1919 "value": "ssh_failed-auth" 1920 }, 1921 { 1922 "key": "source_ip", 1923 "value": "91.121.79.190" 1924 }, 1925 { 1926 "key": "IsoCode", 1927 "value": "FR" 1928 }, 1929 { 1930 "key": "ASNOrg", 1931 "value": "OVH SAS" 1932 }, 1933 { 1934 "key": "SourceRange", 1935 "value": "91.121.72.0/21" 1936 } 1937 ], 1938 "timestamp": "2020-10-02T17:09:08Z" 1939 }, 1940 { 1941 "meta": [ 1942 { 1943 "key": "ASNNumber", 1944 "value": "16276" 1945 }, 1946 { 1947 "key": "ASNOrg", 1948 "value": "OVH SAS" 1949 }, 1950 { 1951 "key": "service", 1952 "value": "ssh" 1953 }, 1954 { 1955 "key": "source_ip", 1956 "value": "91.121.79.190" 1957 }, 1958 { 1959 "key": "IsoCode", 1960 "value": "FR" 1961 }, 1962 { 1963 "key": "SourceRange", 1964 "value": "91.121.72.0/21" 1965 }, 1966 { 1967 "key": "target_user", 1968 "value": "root" 1969 }, 1970 { 1971 "key": "log_type", 1972 "value": "ssh_failed-auth" 1973 }, 1974 { 1975 "key": "IsInEU", 1976 "value": "true" 1977 } 1978 ], 1979 "timestamp": "2020-10-02T17:09:08Z" 1980 }, 1981 { 1982 "meta": [ 1983 { 1984 "key": "SourceRange", 1985 "value": "91.121.72.0/21" 1986 }, 1987 { 1988 "key": "target_user", 1989 "value": "root" 1990 }, 1991 { 1992 "key": "service", 1993 "value": "ssh" 1994 }, 1995 { 1996 "key": "log_type", 1997 "value": "ssh_failed-auth" 1998 }, 1999 { 2000 "key": "source_ip", 2001 "value": "91.121.79.190" 2002 }, 2003 { 2004 "key": "IsoCode", 2005 "value": "FR" 2006 }, 2007 { 2008 "key": "IsInEU", 2009 "value": "true" 2010 }, 2011 { 2012 "key": "ASNNumber", 2013 "value": "16276" 2014 }, 2015 { 2016 "key": "ASNOrg", 2017 "value": "OVH SAS" 2018 } 2019 ], 2020 "timestamp": "2020-10-02T17:09:08Z" 2021 }, 2022 { 2023 "meta": [ 2024 { 2025 "key": "log_type", 2026 "value": "ssh_failed-auth" 2027 }, 2028 { 2029 "key": "source_ip", 2030 "value": "91.121.79.190" 2031 }, 2032 { 2033 "key": "ASNNumber", 2034 "value": "16276" 2035 }, 2036 { 2037 "key": "ASNOrg", 2038 "value": "OVH SAS" 2039 }, 2040 { 2041 "key": "SourceRange", 2042 "value": "91.121.72.0/21" 2043 }, 2044 { 2045 "key": "target_user", 2046 "value": "root" 2047 }, 2048 { 2049 "key": "service", 2050 "value": "ssh" 2051 }, 2052 { 2053 "key": "IsoCode", 2054 "value": "FR" 2055 }, 2056 { 2057 "key": "IsInEU", 2058 "value": "true" 2059 } 2060 ], 2061 "timestamp": "2020-10-02T17:09:08Z" 2062 } 2063 ], 2064 "events_count": 6, 2065 "labels": null, 2066 "leakspeed": "10s", 2067 "message": "Ip 91.121.79.190 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 2068 "remediation": true, 2069 "scenario": "crowdsecurity/ssh-bf", 2070 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 2071 "scenario_version": "0.1", 2072 "simulated": false, 2073 "source": { 2074 "as_name": "OVH SAS", 2075 "cn": "FR", 2076 "ip": "91.121.79.190", 2077 "latitude": 50.646, 2078 "longitude": 3.0758, 2079 "range": "91.121.72.0/21", 2080 "scope": "Ip", 2081 "value": "91.121.79.190" 2082 }, 2083 "start_at": "2020-10-26T12:52:58.153861334+01:00", 2084 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 2085 }, 2086 { 2087 "capacity": 5, 2088 "decisions": null, 2089 "events": [ 2090 { 2091 "meta": [ 2092 { 2093 "key": "ASNOrg", 2094 "value": "OVH SAS" 2095 }, 2096 { 2097 "key": "SourceRange", 2098 "value": "91.121.72.0/21" 2099 }, 2100 { 2101 "key": "target_user", 2102 "value": "root" 2103 }, 2104 { 2105 "key": "source_ip", 2106 "value": "91.121.79.189" 2107 }, 2108 { 2109 "key": "IsoCode", 2110 "value": "FR" 2111 }, 2112 { 2113 "key": "ASNNumber", 2114 "value": "16276" 2115 }, 2116 { 2117 "key": "service", 2118 "value": "ssh" 2119 }, 2120 { 2121 "key": "log_type", 2122 "value": "ssh_failed-auth" 2123 }, 2124 { 2125 "key": "IsInEU", 2126 "value": "true" 2127 } 2128 ], 2129 "timestamp": "2020-10-02T17:09:08Z" 2130 }, 2131 { 2132 "meta": [ 2133 { 2134 "key": "source_ip", 2135 "value": "91.121.79.189" 2136 }, 2137 { 2138 "key": "IsoCode", 2139 "value": "FR" 2140 }, 2141 { 2142 "key": "log_type", 2143 "value": "ssh_failed-auth" 2144 }, 2145 { 2146 "key": "service", 2147 "value": "ssh" 2148 }, 2149 { 2150 "key": "IsInEU", 2151 "value": "true" 2152 }, 2153 { 2154 "key": "ASNNumber", 2155 "value": "16276" 2156 }, 2157 { 2158 "key": "ASNOrg", 2159 "value": "OVH SAS" 2160 }, 2161 { 2162 "key": "SourceRange", 2163 "value": "91.121.72.0/21" 2164 }, 2165 { 2166 "key": "target_user", 2167 "value": "root" 2168 } 2169 ], 2170 "timestamp": "2020-10-02T17:09:08Z" 2171 }, 2172 { 2173 "meta": [ 2174 { 2175 "key": "target_user", 2176 "value": "root" 2177 }, 2178 { 2179 "key": "IsInEU", 2180 "value": "true" 2181 }, 2182 { 2183 "key": "ASNNumber", 2184 "value": "16276" 2185 }, 2186 { 2187 "key": "service", 2188 "value": "ssh" 2189 }, 2190 { 2191 "key": "log_type", 2192 "value": "ssh_failed-auth" 2193 }, 2194 { 2195 "key": "source_ip", 2196 "value": "91.121.79.189" 2197 }, 2198 { 2199 "key": "IsoCode", 2200 "value": "FR" 2201 }, 2202 { 2203 "key": "ASNOrg", 2204 "value": "OVH SAS" 2205 }, 2206 { 2207 "key": "SourceRange", 2208 "value": "91.121.72.0/21" 2209 } 2210 ], 2211 "timestamp": "2020-10-02T17:09:08Z" 2212 }, 2213 { 2214 "meta": [ 2215 { 2216 "key": "ASNNumber", 2217 "value": "16276" 2218 }, 2219 { 2220 "key": "ASNOrg", 2221 "value": "OVH SAS" 2222 }, 2223 { 2224 "key": "service", 2225 "value": "ssh" 2226 }, 2227 { 2228 "key": "source_ip", 2229 "value": "91.121.79.189" 2230 }, 2231 { 2232 "key": "IsoCode", 2233 "value": "FR" 2234 }, 2235 { 2236 "key": "SourceRange", 2237 "value": "91.121.72.0/21" 2238 }, 2239 { 2240 "key": "target_user", 2241 "value": "root" 2242 }, 2243 { 2244 "key": "log_type", 2245 "value": "ssh_failed-auth" 2246 }, 2247 { 2248 "key": "IsInEU", 2249 "value": "true" 2250 } 2251 ], 2252 "timestamp": "2020-10-02T17:09:08Z" 2253 }, 2254 { 2255 "meta": [ 2256 { 2257 "key": "SourceRange", 2258 "value": "91.121.72.0/21" 2259 }, 2260 { 2261 "key": "target_user", 2262 "value": "root" 2263 }, 2264 { 2265 "key": "service", 2266 "value": "ssh" 2267 }, 2268 { 2269 "key": "log_type", 2270 "value": "ssh_failed-auth" 2271 }, 2272 { 2273 "key": "source_ip", 2274 "value": "91.121.79.189" 2275 }, 2276 { 2277 "key": "IsoCode", 2278 "value": "FR" 2279 }, 2280 { 2281 "key": "IsInEU", 2282 "value": "true" 2283 }, 2284 { 2285 "key": "ASNNumber", 2286 "value": "16276" 2287 }, 2288 { 2289 "key": "ASNOrg", 2290 "value": "OVH SAS" 2291 } 2292 ], 2293 "timestamp": "2020-10-02T17:09:08Z" 2294 }, 2295 { 2296 "meta": [ 2297 { 2298 "key": "log_type", 2299 "value": "ssh_failed-auth" 2300 }, 2301 { 2302 "key": "source_ip", 2303 "value": "91.121.79.189" 2304 }, 2305 { 2306 "key": "ASNNumber", 2307 "value": "16276" 2308 }, 2309 { 2310 "key": "ASNOrg", 2311 "value": "OVH SAS" 2312 }, 2313 { 2314 "key": "SourceRange", 2315 "value": "91.121.72.0/21" 2316 }, 2317 { 2318 "key": "target_user", 2319 "value": "root" 2320 }, 2321 { 2322 "key": "service", 2323 "value": "ssh" 2324 }, 2325 { 2326 "key": "IsoCode", 2327 "value": "FR" 2328 }, 2329 { 2330 "key": "IsInEU", 2331 "value": "true" 2332 } 2333 ], 2334 "timestamp": "2020-10-02T17:09:08Z" 2335 } 2336 ], 2337 "events_count": 6, 2338 "labels": null, 2339 "leakspeed": "10s", 2340 "message": "Ip 91.121.79.189 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 2341 "remediation": true, 2342 "scenario": "crowdsecurity/ssh-bf", 2343 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 2344 "scenario_version": "0.1", 2345 "simulated": false, 2346 "source": { 2347 "as_name": "OVH SAS", 2348 "cn": "FR", 2349 "ip": "91.121.79.189", 2350 "latitude": 50.646, 2351 "longitude": 3.0758, 2352 "range": "91.121.72.0/21", 2353 "scope": "Ip", 2354 "value": "91.121.79.189" 2355 }, 2356 "start_at": "2020-10-26T12:52:58.153861334+01:00", 2357 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 2358 }, 2359 { 2360 "capacity": 5, 2361 "decisions": null, 2362 "events": [ 2363 { 2364 "meta": [ 2365 { 2366 "key": "ASNOrg", 2367 "value": "OVH SAS" 2368 }, 2369 { 2370 "key": "SourceRange", 2371 "value": "91.121.72.0/21" 2372 }, 2373 { 2374 "key": "target_user", 2375 "value": "root" 2376 }, 2377 { 2378 "key": "source_ip", 2379 "value": "91.121.79.188" 2380 }, 2381 { 2382 "key": "IsoCode", 2383 "value": "FR" 2384 }, 2385 { 2386 "key": "ASNNumber", 2387 "value": "16276" 2388 }, 2389 { 2390 "key": "service", 2391 "value": "ssh" 2392 }, 2393 { 2394 "key": "log_type", 2395 "value": "ssh_failed-auth" 2396 }, 2397 { 2398 "key": "IsInEU", 2399 "value": "true" 2400 } 2401 ], 2402 "timestamp": "2020-10-02T17:09:08Z" 2403 }, 2404 { 2405 "meta": [ 2406 { 2407 "key": "source_ip", 2408 "value": "91.121.79.188" 2409 }, 2410 { 2411 "key": "IsoCode", 2412 "value": "FR" 2413 }, 2414 { 2415 "key": "log_type", 2416 "value": "ssh_failed-auth" 2417 }, 2418 { 2419 "key": "service", 2420 "value": "ssh" 2421 }, 2422 { 2423 "key": "IsInEU", 2424 "value": "true" 2425 }, 2426 { 2427 "key": "ASNNumber", 2428 "value": "16276" 2429 }, 2430 { 2431 "key": "ASNOrg", 2432 "value": "OVH SAS" 2433 }, 2434 { 2435 "key": "SourceRange", 2436 "value": "91.121.72.0/21" 2437 }, 2438 { 2439 "key": "target_user", 2440 "value": "root" 2441 } 2442 ], 2443 "timestamp": "2020-10-02T17:09:08Z" 2444 }, 2445 { 2446 "meta": [ 2447 { 2448 "key": "target_user", 2449 "value": "root" 2450 }, 2451 { 2452 "key": "IsInEU", 2453 "value": "true" 2454 }, 2455 { 2456 "key": "ASNNumber", 2457 "value": "16276" 2458 }, 2459 { 2460 "key": "service", 2461 "value": "ssh" 2462 }, 2463 { 2464 "key": "log_type", 2465 "value": "ssh_failed-auth" 2466 }, 2467 { 2468 "key": "source_ip", 2469 "value": "91.121.79.188" 2470 }, 2471 { 2472 "key": "IsoCode", 2473 "value": "FR" 2474 }, 2475 { 2476 "key": "ASNOrg", 2477 "value": "OVH SAS" 2478 }, 2479 { 2480 "key": "SourceRange", 2481 "value": "91.121.72.0/21" 2482 } 2483 ], 2484 "timestamp": "2020-10-02T17:09:08Z" 2485 }, 2486 { 2487 "meta": [ 2488 { 2489 "key": "ASNNumber", 2490 "value": "16276" 2491 }, 2492 { 2493 "key": "ASNOrg", 2494 "value": "OVH SAS" 2495 }, 2496 { 2497 "key": "service", 2498 "value": "ssh" 2499 }, 2500 { 2501 "key": "source_ip", 2502 "value": "91.121.79.188" 2503 }, 2504 { 2505 "key": "IsoCode", 2506 "value": "FR" 2507 }, 2508 { 2509 "key": "SourceRange", 2510 "value": "91.121.72.0/21" 2511 }, 2512 { 2513 "key": "target_user", 2514 "value": "root" 2515 }, 2516 { 2517 "key": "log_type", 2518 "value": "ssh_failed-auth" 2519 }, 2520 { 2521 "key": "IsInEU", 2522 "value": "true" 2523 } 2524 ], 2525 "timestamp": "2020-10-02T17:09:08Z" 2526 }, 2527 { 2528 "meta": [ 2529 { 2530 "key": "SourceRange", 2531 "value": "91.121.72.0/21" 2532 }, 2533 { 2534 "key": "target_user", 2535 "value": "root" 2536 }, 2537 { 2538 "key": "service", 2539 "value": "ssh" 2540 }, 2541 { 2542 "key": "log_type", 2543 "value": "ssh_failed-auth" 2544 }, 2545 { 2546 "key": "source_ip", 2547 "value": "91.121.79.188" 2548 }, 2549 { 2550 "key": "IsoCode", 2551 "value": "FR" 2552 }, 2553 { 2554 "key": "IsInEU", 2555 "value": "true" 2556 }, 2557 { 2558 "key": "ASNNumber", 2559 "value": "16276" 2560 }, 2561 { 2562 "key": "ASNOrg", 2563 "value": "OVH SAS" 2564 } 2565 ], 2566 "timestamp": "2020-10-02T17:09:08Z" 2567 }, 2568 { 2569 "meta": [ 2570 { 2571 "key": "log_type", 2572 "value": "ssh_failed-auth" 2573 }, 2574 { 2575 "key": "source_ip", 2576 "value": "91.121.79.188" 2577 }, 2578 { 2579 "key": "ASNNumber", 2580 "value": "16276" 2581 }, 2582 { 2583 "key": "ASNOrg", 2584 "value": "OVH SAS" 2585 }, 2586 { 2587 "key": "SourceRange", 2588 "value": "91.121.72.0/21" 2589 }, 2590 { 2591 "key": "target_user", 2592 "value": "root" 2593 }, 2594 { 2595 "key": "service", 2596 "value": "ssh" 2597 }, 2598 { 2599 "key": "IsoCode", 2600 "value": "FR" 2601 }, 2602 { 2603 "key": "IsInEU", 2604 "value": "true" 2605 } 2606 ], 2607 "timestamp": "2020-10-02T17:09:08Z" 2608 } 2609 ], 2610 "events_count": 6, 2611 "labels": null, 2612 "leakspeed": "10s", 2613 "message": "Ip 91.121.79.188 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 2614 "remediation": true, 2615 "scenario": "crowdsecurity/ssh-bf", 2616 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 2617 "scenario_version": "0.1", 2618 "simulated": false, 2619 "source": { 2620 "as_name": "OVH SAS", 2621 "cn": "FR", 2622 "ip": "91.121.79.188", 2623 "latitude": 50.646, 2624 "longitude": 3.0758, 2625 "range": "91.121.72.0/21", 2626 "scope": "Ip", 2627 "value": "91.121.79.188" 2628 }, 2629 "start_at": "2020-10-26T12:52:58.153861334+01:00", 2630 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 2631 }, 2632 { 2633 "capacity": 5, 2634 "decisions": null, 2635 "events": [ 2636 { 2637 "meta": [ 2638 { 2639 "key": "ASNOrg", 2640 "value": "OVH SAS" 2641 }, 2642 { 2643 "key": "SourceRange", 2644 "value": "91.121.72.0/21" 2645 }, 2646 { 2647 "key": "target_user", 2648 "value": "root" 2649 }, 2650 { 2651 "key": "source_ip", 2652 "value": "91.121.79.187" 2653 }, 2654 { 2655 "key": "IsoCode", 2656 "value": "FR" 2657 }, 2658 { 2659 "key": "ASNNumber", 2660 "value": "16276" 2661 }, 2662 { 2663 "key": "service", 2664 "value": "ssh" 2665 }, 2666 { 2667 "key": "log_type", 2668 "value": "ssh_failed-auth" 2669 }, 2670 { 2671 "key": "IsInEU", 2672 "value": "true" 2673 } 2674 ], 2675 "timestamp": "2020-10-02T17:09:08Z" 2676 }, 2677 { 2678 "meta": [ 2679 { 2680 "key": "source_ip", 2681 "value": "91.121.79.187" 2682 }, 2683 { 2684 "key": "IsoCode", 2685 "value": "FR" 2686 }, 2687 { 2688 "key": "log_type", 2689 "value": "ssh_failed-auth" 2690 }, 2691 { 2692 "key": "service", 2693 "value": "ssh" 2694 }, 2695 { 2696 "key": "IsInEU", 2697 "value": "true" 2698 }, 2699 { 2700 "key": "ASNNumber", 2701 "value": "16276" 2702 }, 2703 { 2704 "key": "ASNOrg", 2705 "value": "OVH SAS" 2706 }, 2707 { 2708 "key": "SourceRange", 2709 "value": "91.121.72.0/21" 2710 }, 2711 { 2712 "key": "target_user", 2713 "value": "root" 2714 } 2715 ], 2716 "timestamp": "2020-10-02T17:09:08Z" 2717 }, 2718 { 2719 "meta": [ 2720 { 2721 "key": "target_user", 2722 "value": "root" 2723 }, 2724 { 2725 "key": "IsInEU", 2726 "value": "true" 2727 }, 2728 { 2729 "key": "ASNNumber", 2730 "value": "16276" 2731 }, 2732 { 2733 "key": "service", 2734 "value": "ssh" 2735 }, 2736 { 2737 "key": "log_type", 2738 "value": "ssh_failed-auth" 2739 }, 2740 { 2741 "key": "source_ip", 2742 "value": "91.121.79.187" 2743 }, 2744 { 2745 "key": "IsoCode", 2746 "value": "FR" 2747 }, 2748 { 2749 "key": "ASNOrg", 2750 "value": "OVH SAS" 2751 }, 2752 { 2753 "key": "SourceRange", 2754 "value": "91.121.72.0/21" 2755 } 2756 ], 2757 "timestamp": "2020-10-02T17:09:08Z" 2758 }, 2759 { 2760 "meta": [ 2761 { 2762 "key": "ASNNumber", 2763 "value": "16276" 2764 }, 2765 { 2766 "key": "ASNOrg", 2767 "value": "OVH SAS" 2768 }, 2769 { 2770 "key": "service", 2771 "value": "ssh" 2772 }, 2773 { 2774 "key": "source_ip", 2775 "value": "91.121.79.187" 2776 }, 2777 { 2778 "key": "IsoCode", 2779 "value": "FR" 2780 }, 2781 { 2782 "key": "SourceRange", 2783 "value": "91.121.72.0/21" 2784 }, 2785 { 2786 "key": "target_user", 2787 "value": "root" 2788 }, 2789 { 2790 "key": "log_type", 2791 "value": "ssh_failed-auth" 2792 }, 2793 { 2794 "key": "IsInEU", 2795 "value": "true" 2796 } 2797 ], 2798 "timestamp": "2020-10-02T17:09:08Z" 2799 }, 2800 { 2801 "meta": [ 2802 { 2803 "key": "SourceRange", 2804 "value": "91.121.72.0/21" 2805 }, 2806 { 2807 "key": "target_user", 2808 "value": "root" 2809 }, 2810 { 2811 "key": "service", 2812 "value": "ssh" 2813 }, 2814 { 2815 "key": "log_type", 2816 "value": "ssh_failed-auth" 2817 }, 2818 { 2819 "key": "source_ip", 2820 "value": "91.121.79.187" 2821 }, 2822 { 2823 "key": "IsoCode", 2824 "value": "FR" 2825 }, 2826 { 2827 "key": "IsInEU", 2828 "value": "true" 2829 }, 2830 { 2831 "key": "ASNNumber", 2832 "value": "16276" 2833 }, 2834 { 2835 "key": "ASNOrg", 2836 "value": "OVH SAS" 2837 } 2838 ], 2839 "timestamp": "2020-10-02T17:09:08Z" 2840 }, 2841 { 2842 "meta": [ 2843 { 2844 "key": "log_type", 2845 "value": "ssh_failed-auth" 2846 }, 2847 { 2848 "key": "source_ip", 2849 "value": "91.121.79.187" 2850 }, 2851 { 2852 "key": "ASNNumber", 2853 "value": "16276" 2854 }, 2855 { 2856 "key": "ASNOrg", 2857 "value": "OVH SAS" 2858 }, 2859 { 2860 "key": "SourceRange", 2861 "value": "91.121.72.0/21" 2862 }, 2863 { 2864 "key": "target_user", 2865 "value": "root" 2866 }, 2867 { 2868 "key": "service", 2869 "value": "ssh" 2870 }, 2871 { 2872 "key": "IsoCode", 2873 "value": "FR" 2874 }, 2875 { 2876 "key": "IsInEU", 2877 "value": "true" 2878 } 2879 ], 2880 "timestamp": "2020-10-02T17:09:08Z" 2881 } 2882 ], 2883 "events_count": 6, 2884 "labels": null, 2885 "leakspeed": "10s", 2886 "message": "Ip 91.121.79.187 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 2887 "remediation": true, 2888 "scenario": "crowdsecurity/ssh-bf", 2889 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 2890 "scenario_version": "0.1", 2891 "simulated": false, 2892 "source": { 2893 "as_name": "OVH SAS", 2894 "cn": "FR", 2895 "ip": "91.121.79.187", 2896 "latitude": 50.646, 2897 "longitude": 3.0758, 2898 "range": "91.121.72.0/21", 2899 "scope": "Ip", 2900 "value": "91.121.79.187" 2901 }, 2902 "start_at": "2020-10-26T12:52:58.153861334+01:00", 2903 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 2904 }, 2905 { 2906 "capacity": 5, 2907 "decisions": null, 2908 "events": [ 2909 { 2910 "meta": [ 2911 { 2912 "key": "ASNOrg", 2913 "value": "OVH SAS" 2914 }, 2915 { 2916 "key": "SourceRange", 2917 "value": "91.121.72.0/21" 2918 }, 2919 { 2920 "key": "target_user", 2921 "value": "root" 2922 }, 2923 { 2924 "key": "source_ip", 2925 "value": "91.121.79.186" 2926 }, 2927 { 2928 "key": "IsoCode", 2929 "value": "FR" 2930 }, 2931 { 2932 "key": "ASNNumber", 2933 "value": "16276" 2934 }, 2935 { 2936 "key": "service", 2937 "value": "ssh" 2938 }, 2939 { 2940 "key": "log_type", 2941 "value": "ssh_failed-auth" 2942 }, 2943 { 2944 "key": "IsInEU", 2945 "value": "true" 2946 } 2947 ], 2948 "timestamp": "2020-10-02T17:09:08Z" 2949 }, 2950 { 2951 "meta": [ 2952 { 2953 "key": "source_ip", 2954 "value": "91.121.79.186" 2955 }, 2956 { 2957 "key": "IsoCode", 2958 "value": "FR" 2959 }, 2960 { 2961 "key": "log_type", 2962 "value": "ssh_failed-auth" 2963 }, 2964 { 2965 "key": "service", 2966 "value": "ssh" 2967 }, 2968 { 2969 "key": "IsInEU", 2970 "value": "true" 2971 }, 2972 { 2973 "key": "ASNNumber", 2974 "value": "16276" 2975 }, 2976 { 2977 "key": "ASNOrg", 2978 "value": "OVH SAS" 2979 }, 2980 { 2981 "key": "SourceRange", 2982 "value": "91.121.72.0/21" 2983 }, 2984 { 2985 "key": "target_user", 2986 "value": "root" 2987 } 2988 ], 2989 "timestamp": "2020-10-02T17:09:08Z" 2990 }, 2991 { 2992 "meta": [ 2993 { 2994 "key": "target_user", 2995 "value": "root" 2996 }, 2997 { 2998 "key": "IsInEU", 2999 "value": "true" 3000 }, 3001 { 3002 "key": "ASNNumber", 3003 "value": "16276" 3004 }, 3005 { 3006 "key": "service", 3007 "value": "ssh" 3008 }, 3009 { 3010 "key": "log_type", 3011 "value": "ssh_failed-auth" 3012 }, 3013 { 3014 "key": "source_ip", 3015 "value": "91.121.79.186" 3016 }, 3017 { 3018 "key": "IsoCode", 3019 "value": "FR" 3020 }, 3021 { 3022 "key": "ASNOrg", 3023 "value": "OVH SAS" 3024 }, 3025 { 3026 "key": "SourceRange", 3027 "value": "91.121.72.0/21" 3028 } 3029 ], 3030 "timestamp": "2020-10-02T17:09:08Z" 3031 }, 3032 { 3033 "meta": [ 3034 { 3035 "key": "ASNNumber", 3036 "value": "16276" 3037 }, 3038 { 3039 "key": "ASNOrg", 3040 "value": "OVH SAS" 3041 }, 3042 { 3043 "key": "service", 3044 "value": "ssh" 3045 }, 3046 { 3047 "key": "source_ip", 3048 "value": "91.121.79.186" 3049 }, 3050 { 3051 "key": "IsoCode", 3052 "value": "FR" 3053 }, 3054 { 3055 "key": "SourceRange", 3056 "value": "91.121.72.0/21" 3057 }, 3058 { 3059 "key": "target_user", 3060 "value": "root" 3061 }, 3062 { 3063 "key": "log_type", 3064 "value": "ssh_failed-auth" 3065 }, 3066 { 3067 "key": "IsInEU", 3068 "value": "true" 3069 } 3070 ], 3071 "timestamp": "2020-10-02T17:09:08Z" 3072 }, 3073 { 3074 "meta": [ 3075 { 3076 "key": "SourceRange", 3077 "value": "91.121.72.0/21" 3078 }, 3079 { 3080 "key": "target_user", 3081 "value": "root" 3082 }, 3083 { 3084 "key": "service", 3085 "value": "ssh" 3086 }, 3087 { 3088 "key": "log_type", 3089 "value": "ssh_failed-auth" 3090 }, 3091 { 3092 "key": "source_ip", 3093 "value": "91.121.79.186" 3094 }, 3095 { 3096 "key": "IsoCode", 3097 "value": "FR" 3098 }, 3099 { 3100 "key": "IsInEU", 3101 "value": "true" 3102 }, 3103 { 3104 "key": "ASNNumber", 3105 "value": "16276" 3106 }, 3107 { 3108 "key": "ASNOrg", 3109 "value": "OVH SAS" 3110 } 3111 ], 3112 "timestamp": "2020-10-02T17:09:08Z" 3113 }, 3114 { 3115 "meta": [ 3116 { 3117 "key": "log_type", 3118 "value": "ssh_failed-auth" 3119 }, 3120 { 3121 "key": "source_ip", 3122 "value": "91.121.79.186" 3123 }, 3124 { 3125 "key": "ASNNumber", 3126 "value": "16276" 3127 }, 3128 { 3129 "key": "ASNOrg", 3130 "value": "OVH SAS" 3131 }, 3132 { 3133 "key": "SourceRange", 3134 "value": "91.121.72.0/21" 3135 }, 3136 { 3137 "key": "target_user", 3138 "value": "root" 3139 }, 3140 { 3141 "key": "service", 3142 "value": "ssh" 3143 }, 3144 { 3145 "key": "IsoCode", 3146 "value": "FR" 3147 }, 3148 { 3149 "key": "IsInEU", 3150 "value": "true" 3151 } 3152 ], 3153 "timestamp": "2020-10-02T17:09:08Z" 3154 } 3155 ], 3156 "events_count": 6, 3157 "labels": null, 3158 "leakspeed": "10s", 3159 "message": "Ip 91.121.79.186 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 3160 "remediation": true, 3161 "scenario": "crowdsecurity/ssh-bf", 3162 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 3163 "scenario_version": "0.1", 3164 "simulated": false, 3165 "source": { 3166 "as_name": "OVH SAS", 3167 "cn": "FR", 3168 "ip": "91.121.79.186", 3169 "latitude": 50.646, 3170 "longitude": 3.0758, 3171 "range": "91.121.72.0/21", 3172 "scope": "Ip", 3173 "value": "91.121.79.186" 3174 }, 3175 "start_at": "2020-10-26T12:52:58.153861334+01:00", 3176 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 3177 }, 3178 { 3179 "capacity": 5, 3180 "decisions": null, 3181 "events": [ 3182 { 3183 "meta": [ 3184 { 3185 "key": "ASNOrg", 3186 "value": "OVH SAS" 3187 }, 3188 { 3189 "key": "SourceRange", 3190 "value": "91.121.72.0/21" 3191 }, 3192 { 3193 "key": "target_user", 3194 "value": "root" 3195 }, 3196 { 3197 "key": "source_ip", 3198 "value": "91.121.79.185" 3199 }, 3200 { 3201 "key": "IsoCode", 3202 "value": "FR" 3203 }, 3204 { 3205 "key": "ASNNumber", 3206 "value": "16276" 3207 }, 3208 { 3209 "key": "service", 3210 "value": "ssh" 3211 }, 3212 { 3213 "key": "log_type", 3214 "value": "ssh_failed-auth" 3215 }, 3216 { 3217 "key": "IsInEU", 3218 "value": "true" 3219 } 3220 ], 3221 "timestamp": "2020-10-02T17:09:08Z" 3222 }, 3223 { 3224 "meta": [ 3225 { 3226 "key": "source_ip", 3227 "value": "91.121.79.185" 3228 }, 3229 { 3230 "key": "IsoCode", 3231 "value": "FR" 3232 }, 3233 { 3234 "key": "log_type", 3235 "value": "ssh_failed-auth" 3236 }, 3237 { 3238 "key": "service", 3239 "value": "ssh" 3240 }, 3241 { 3242 "key": "IsInEU", 3243 "value": "true" 3244 }, 3245 { 3246 "key": "ASNNumber", 3247 "value": "16276" 3248 }, 3249 { 3250 "key": "ASNOrg", 3251 "value": "OVH SAS" 3252 }, 3253 { 3254 "key": "SourceRange", 3255 "value": "91.121.72.0/21" 3256 }, 3257 { 3258 "key": "target_user", 3259 "value": "root" 3260 } 3261 ], 3262 "timestamp": "2020-10-02T17:09:08Z" 3263 }, 3264 { 3265 "meta": [ 3266 { 3267 "key": "target_user", 3268 "value": "root" 3269 }, 3270 { 3271 "key": "IsInEU", 3272 "value": "true" 3273 }, 3274 { 3275 "key": "ASNNumber", 3276 "value": "16276" 3277 }, 3278 { 3279 "key": "service", 3280 "value": "ssh" 3281 }, 3282 { 3283 "key": "log_type", 3284 "value": "ssh_failed-auth" 3285 }, 3286 { 3287 "key": "source_ip", 3288 "value": "91.121.79.185" 3289 }, 3290 { 3291 "key": "IsoCode", 3292 "value": "FR" 3293 }, 3294 { 3295 "key": "ASNOrg", 3296 "value": "OVH SAS" 3297 }, 3298 { 3299 "key": "SourceRange", 3300 "value": "91.121.72.0/21" 3301 } 3302 ], 3303 "timestamp": "2020-10-02T17:09:08Z" 3304 }, 3305 { 3306 "meta": [ 3307 { 3308 "key": "ASNNumber", 3309 "value": "16276" 3310 }, 3311 { 3312 "key": "ASNOrg", 3313 "value": "OVH SAS" 3314 }, 3315 { 3316 "key": "service", 3317 "value": "ssh" 3318 }, 3319 { 3320 "key": "source_ip", 3321 "value": "91.121.79.185" 3322 }, 3323 { 3324 "key": "IsoCode", 3325 "value": "FR" 3326 }, 3327 { 3328 "key": "SourceRange", 3329 "value": "91.121.72.0/21" 3330 }, 3331 { 3332 "key": "target_user", 3333 "value": "root" 3334 }, 3335 { 3336 "key": "log_type", 3337 "value": "ssh_failed-auth" 3338 }, 3339 { 3340 "key": "IsInEU", 3341 "value": "true" 3342 } 3343 ], 3344 "timestamp": "2020-10-02T17:09:08Z" 3345 }, 3346 { 3347 "meta": [ 3348 { 3349 "key": "SourceRange", 3350 "value": "91.121.72.0/21" 3351 }, 3352 { 3353 "key": "target_user", 3354 "value": "root" 3355 }, 3356 { 3357 "key": "service", 3358 "value": "ssh" 3359 }, 3360 { 3361 "key": "log_type", 3362 "value": "ssh_failed-auth" 3363 }, 3364 { 3365 "key": "source_ip", 3366 "value": "91.121.79.185" 3367 }, 3368 { 3369 "key": "IsoCode", 3370 "value": "FR" 3371 }, 3372 { 3373 "key": "IsInEU", 3374 "value": "true" 3375 }, 3376 { 3377 "key": "ASNNumber", 3378 "value": "16276" 3379 }, 3380 { 3381 "key": "ASNOrg", 3382 "value": "OVH SAS" 3383 } 3384 ], 3385 "timestamp": "2020-10-02T17:09:08Z" 3386 }, 3387 { 3388 "meta": [ 3389 { 3390 "key": "log_type", 3391 "value": "ssh_failed-auth" 3392 }, 3393 { 3394 "key": "source_ip", 3395 "value": "91.121.79.185" 3396 }, 3397 { 3398 "key": "ASNNumber", 3399 "value": "16276" 3400 }, 3401 { 3402 "key": "ASNOrg", 3403 "value": "OVH SAS" 3404 }, 3405 { 3406 "key": "SourceRange", 3407 "value": "91.121.72.0/21" 3408 }, 3409 { 3410 "key": "target_user", 3411 "value": "root" 3412 }, 3413 { 3414 "key": "service", 3415 "value": "ssh" 3416 }, 3417 { 3418 "key": "IsoCode", 3419 "value": "FR" 3420 }, 3421 { 3422 "key": "IsInEU", 3423 "value": "true" 3424 } 3425 ], 3426 "timestamp": "2020-10-02T17:09:08Z" 3427 } 3428 ], 3429 "events_count": 6, 3430 "labels": null, 3431 "leakspeed": "10s", 3432 "message": "Ip 91.121.79.185 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 3433 "remediation": true, 3434 "scenario": "crowdsecurity/ssh-bf", 3435 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 3436 "scenario_version": "0.1", 3437 "simulated": false, 3438 "source": { 3439 "as_name": "OVH SAS", 3440 "cn": "FR", 3441 "ip": "91.121.79.185", 3442 "latitude": 50.646, 3443 "longitude": 3.0758, 3444 "range": "91.121.72.0/21", 3445 "scope": "Ip", 3446 "value": "91.121.79.185" 3447 }, 3448 "start_at": "2020-10-26T12:52:58.153861334+01:00", 3449 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 3450 }, 3451 { 3452 "capacity": 5, 3453 "decisions": null, 3454 "events": [ 3455 { 3456 "meta": [ 3457 { 3458 "key": "ASNOrg", 3459 "value": "OVH SAS" 3460 }, 3461 { 3462 "key": "SourceRange", 3463 "value": "91.121.72.0/21" 3464 }, 3465 { 3466 "key": "target_user", 3467 "value": "root" 3468 }, 3469 { 3470 "key": "source_ip", 3471 "value": "91.121.79.184" 3472 }, 3473 { 3474 "key": "IsoCode", 3475 "value": "FR" 3476 }, 3477 { 3478 "key": "ASNNumber", 3479 "value": "16276" 3480 }, 3481 { 3482 "key": "service", 3483 "value": "ssh" 3484 }, 3485 { 3486 "key": "log_type", 3487 "value": "ssh_failed-auth" 3488 }, 3489 { 3490 "key": "IsInEU", 3491 "value": "true" 3492 } 3493 ], 3494 "timestamp": "2020-10-02T17:09:08Z" 3495 }, 3496 { 3497 "meta": [ 3498 { 3499 "key": "source_ip", 3500 "value": "91.121.79.184" 3501 }, 3502 { 3503 "key": "IsoCode", 3504 "value": "FR" 3505 }, 3506 { 3507 "key": "log_type", 3508 "value": "ssh_failed-auth" 3509 }, 3510 { 3511 "key": "service", 3512 "value": "ssh" 3513 }, 3514 { 3515 "key": "IsInEU", 3516 "value": "true" 3517 }, 3518 { 3519 "key": "ASNNumber", 3520 "value": "16276" 3521 }, 3522 { 3523 "key": "ASNOrg", 3524 "value": "OVH SAS" 3525 }, 3526 { 3527 "key": "SourceRange", 3528 "value": "91.121.72.0/21" 3529 }, 3530 { 3531 "key": "target_user", 3532 "value": "root" 3533 } 3534 ], 3535 "timestamp": "2020-10-02T17:09:08Z" 3536 }, 3537 { 3538 "meta": [ 3539 { 3540 "key": "target_user", 3541 "value": "root" 3542 }, 3543 { 3544 "key": "IsInEU", 3545 "value": "true" 3546 }, 3547 { 3548 "key": "ASNNumber", 3549 "value": "16276" 3550 }, 3551 { 3552 "key": "service", 3553 "value": "ssh" 3554 }, 3555 { 3556 "key": "log_type", 3557 "value": "ssh_failed-auth" 3558 }, 3559 { 3560 "key": "source_ip", 3561 "value": "91.121.79.184" 3562 }, 3563 { 3564 "key": "IsoCode", 3565 "value": "FR" 3566 }, 3567 { 3568 "key": "ASNOrg", 3569 "value": "OVH SAS" 3570 }, 3571 { 3572 "key": "SourceRange", 3573 "value": "91.121.72.0/21" 3574 } 3575 ], 3576 "timestamp": "2020-10-02T17:09:08Z" 3577 }, 3578 { 3579 "meta": [ 3580 { 3581 "key": "ASNNumber", 3582 "value": "16276" 3583 }, 3584 { 3585 "key": "ASNOrg", 3586 "value": "OVH SAS" 3587 }, 3588 { 3589 "key": "service", 3590 "value": "ssh" 3591 }, 3592 { 3593 "key": "source_ip", 3594 "value": "91.121.79.184" 3595 }, 3596 { 3597 "key": "IsoCode", 3598 "value": "FR" 3599 }, 3600 { 3601 "key": "SourceRange", 3602 "value": "91.121.72.0/21" 3603 }, 3604 { 3605 "key": "target_user", 3606 "value": "root" 3607 }, 3608 { 3609 "key": "log_type", 3610 "value": "ssh_failed-auth" 3611 }, 3612 { 3613 "key": "IsInEU", 3614 "value": "true" 3615 } 3616 ], 3617 "timestamp": "2020-10-02T17:09:08Z" 3618 }, 3619 { 3620 "meta": [ 3621 { 3622 "key": "SourceRange", 3623 "value": "91.121.72.0/21" 3624 }, 3625 { 3626 "key": "target_user", 3627 "value": "root" 3628 }, 3629 { 3630 "key": "service", 3631 "value": "ssh" 3632 }, 3633 { 3634 "key": "log_type", 3635 "value": "ssh_failed-auth" 3636 }, 3637 { 3638 "key": "source_ip", 3639 "value": "91.121.79.184" 3640 }, 3641 { 3642 "key": "IsoCode", 3643 "value": "FR" 3644 }, 3645 { 3646 "key": "IsInEU", 3647 "value": "true" 3648 }, 3649 { 3650 "key": "ASNNumber", 3651 "value": "16276" 3652 }, 3653 { 3654 "key": "ASNOrg", 3655 "value": "OVH SAS" 3656 } 3657 ], 3658 "timestamp": "2020-10-02T17:09:08Z" 3659 }, 3660 { 3661 "meta": [ 3662 { 3663 "key": "log_type", 3664 "value": "ssh_failed-auth" 3665 }, 3666 { 3667 "key": "source_ip", 3668 "value": "91.121.79.184" 3669 }, 3670 { 3671 "key": "ASNNumber", 3672 "value": "16276" 3673 }, 3674 { 3675 "key": "ASNOrg", 3676 "value": "OVH SAS" 3677 }, 3678 { 3679 "key": "SourceRange", 3680 "value": "91.121.72.0/21" 3681 }, 3682 { 3683 "key": "target_user", 3684 "value": "root" 3685 }, 3686 { 3687 "key": "service", 3688 "value": "ssh" 3689 }, 3690 { 3691 "key": "IsoCode", 3692 "value": "FR" 3693 }, 3694 { 3695 "key": "IsInEU", 3696 "value": "true" 3697 } 3698 ], 3699 "timestamp": "2020-10-02T17:09:08Z" 3700 } 3701 ], 3702 "events_count": 6, 3703 "labels": null, 3704 "leakspeed": "10s", 3705 "message": "Ip 91.121.79.184 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 3706 "remediation": true, 3707 "scenario": "crowdsecurity/ssh-bf", 3708 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 3709 "scenario_version": "0.1", 3710 "simulated": false, 3711 "source": { 3712 "as_name": "OVH SAS", 3713 "cn": "FR", 3714 "ip": "91.121.79.184", 3715 "latitude": 50.646, 3716 "longitude": 3.0758, 3717 "range": "91.121.72.0/21", 3718 "scope": "Ip", 3719 "value": "91.121.79.184" 3720 }, 3721 "start_at": "2020-10-26T12:52:58.153861334+01:00", 3722 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 3723 }, 3724 { 3725 "capacity": 5, 3726 "decisions": null, 3727 "events": [ 3728 { 3729 "meta": [ 3730 { 3731 "key": "ASNOrg", 3732 "value": "OVH SAS" 3733 }, 3734 { 3735 "key": "SourceRange", 3736 "value": "91.121.72.0/21" 3737 }, 3738 { 3739 "key": "target_user", 3740 "value": "root" 3741 }, 3742 { 3743 "key": "source_ip", 3744 "value": "91.121.79.183" 3745 }, 3746 { 3747 "key": "IsoCode", 3748 "value": "FR" 3749 }, 3750 { 3751 "key": "ASNNumber", 3752 "value": "16276" 3753 }, 3754 { 3755 "key": "service", 3756 "value": "ssh" 3757 }, 3758 { 3759 "key": "log_type", 3760 "value": "ssh_failed-auth" 3761 }, 3762 { 3763 "key": "IsInEU", 3764 "value": "true" 3765 } 3766 ], 3767 "timestamp": "2020-10-02T17:09:08Z" 3768 }, 3769 { 3770 "meta": [ 3771 { 3772 "key": "source_ip", 3773 "value": "91.121.79.183" 3774 }, 3775 { 3776 "key": "IsoCode", 3777 "value": "FR" 3778 }, 3779 { 3780 "key": "log_type", 3781 "value": "ssh_failed-auth" 3782 }, 3783 { 3784 "key": "service", 3785 "value": "ssh" 3786 }, 3787 { 3788 "key": "IsInEU", 3789 "value": "true" 3790 }, 3791 { 3792 "key": "ASNNumber", 3793 "value": "16276" 3794 }, 3795 { 3796 "key": "ASNOrg", 3797 "value": "OVH SAS" 3798 }, 3799 { 3800 "key": "SourceRange", 3801 "value": "91.121.72.0/21" 3802 }, 3803 { 3804 "key": "target_user", 3805 "value": "root" 3806 } 3807 ], 3808 "timestamp": "2020-10-02T17:09:08Z" 3809 }, 3810 { 3811 "meta": [ 3812 { 3813 "key": "target_user", 3814 "value": "root" 3815 }, 3816 { 3817 "key": "IsInEU", 3818 "value": "true" 3819 }, 3820 { 3821 "key": "ASNNumber", 3822 "value": "16276" 3823 }, 3824 { 3825 "key": "service", 3826 "value": "ssh" 3827 }, 3828 { 3829 "key": "log_type", 3830 "value": "ssh_failed-auth" 3831 }, 3832 { 3833 "key": "source_ip", 3834 "value": "91.121.79.183" 3835 }, 3836 { 3837 "key": "IsoCode", 3838 "value": "FR" 3839 }, 3840 { 3841 "key": "ASNOrg", 3842 "value": "OVH SAS" 3843 }, 3844 { 3845 "key": "SourceRange", 3846 "value": "91.121.72.0/21" 3847 } 3848 ], 3849 "timestamp": "2020-10-02T17:09:08Z" 3850 }, 3851 { 3852 "meta": [ 3853 { 3854 "key": "ASNNumber", 3855 "value": "16276" 3856 }, 3857 { 3858 "key": "ASNOrg", 3859 "value": "OVH SAS" 3860 }, 3861 { 3862 "key": "service", 3863 "value": "ssh" 3864 }, 3865 { 3866 "key": "source_ip", 3867 "value": "91.121.79.183" 3868 }, 3869 { 3870 "key": "IsoCode", 3871 "value": "FR" 3872 }, 3873 { 3874 "key": "SourceRange", 3875 "value": "91.121.72.0/21" 3876 }, 3877 { 3878 "key": "target_user", 3879 "value": "root" 3880 }, 3881 { 3882 "key": "log_type", 3883 "value": "ssh_failed-auth" 3884 }, 3885 { 3886 "key": "IsInEU", 3887 "value": "true" 3888 } 3889 ], 3890 "timestamp": "2020-10-02T17:09:08Z" 3891 }, 3892 { 3893 "meta": [ 3894 { 3895 "key": "SourceRange", 3896 "value": "91.121.72.0/21" 3897 }, 3898 { 3899 "key": "target_user", 3900 "value": "root" 3901 }, 3902 { 3903 "key": "service", 3904 "value": "ssh" 3905 }, 3906 { 3907 "key": "log_type", 3908 "value": "ssh_failed-auth" 3909 }, 3910 { 3911 "key": "source_ip", 3912 "value": "91.121.79.183" 3913 }, 3914 { 3915 "key": "IsoCode", 3916 "value": "FR" 3917 }, 3918 { 3919 "key": "IsInEU", 3920 "value": "true" 3921 }, 3922 { 3923 "key": "ASNNumber", 3924 "value": "16276" 3925 }, 3926 { 3927 "key": "ASNOrg", 3928 "value": "OVH SAS" 3929 } 3930 ], 3931 "timestamp": "2020-10-02T17:09:08Z" 3932 }, 3933 { 3934 "meta": [ 3935 { 3936 "key": "log_type", 3937 "value": "ssh_failed-auth" 3938 }, 3939 { 3940 "key": "source_ip", 3941 "value": "91.121.79.183" 3942 }, 3943 { 3944 "key": "ASNNumber", 3945 "value": "16276" 3946 }, 3947 { 3948 "key": "ASNOrg", 3949 "value": "OVH SAS" 3950 }, 3951 { 3952 "key": "SourceRange", 3953 "value": "91.121.72.0/21" 3954 }, 3955 { 3956 "key": "target_user", 3957 "value": "root" 3958 }, 3959 { 3960 "key": "service", 3961 "value": "ssh" 3962 }, 3963 { 3964 "key": "IsoCode", 3965 "value": "FR" 3966 }, 3967 { 3968 "key": "IsInEU", 3969 "value": "true" 3970 } 3971 ], 3972 "timestamp": "2020-10-02T17:09:08Z" 3973 } 3974 ], 3975 "events_count": 6, 3976 "labels": null, 3977 "leakspeed": "10s", 3978 "message": "Ip 91.121.79.183 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 3979 "remediation": true, 3980 "scenario": "crowdsecurity/ssh-bf", 3981 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 3982 "scenario_version": "0.1", 3983 "simulated": false, 3984 "source": { 3985 "as_name": "OVH SAS", 3986 "cn": "FR", 3987 "ip": "91.121.79.183", 3988 "latitude": 50.646, 3989 "longitude": 3.0758, 3990 "range": "91.121.72.0/21", 3991 "scope": "Ip", 3992 "value": "91.121.79.183" 3993 }, 3994 "start_at": "2020-10-26T12:52:58.153861334+01:00", 3995 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 3996 }, 3997 { 3998 "capacity": 5, 3999 "decisions": null, 4000 "events": [ 4001 { 4002 "meta": [ 4003 { 4004 "key": "ASNOrg", 4005 "value": "OVH SAS" 4006 }, 4007 { 4008 "key": "SourceRange", 4009 "value": "91.121.72.0/21" 4010 }, 4011 { 4012 "key": "target_user", 4013 "value": "root" 4014 }, 4015 { 4016 "key": "source_ip", 4017 "value": "91.121.79.182" 4018 }, 4019 { 4020 "key": "IsoCode", 4021 "value": "FR" 4022 }, 4023 { 4024 "key": "ASNNumber", 4025 "value": "16276" 4026 }, 4027 { 4028 "key": "service", 4029 "value": "ssh" 4030 }, 4031 { 4032 "key": "log_type", 4033 "value": "ssh_failed-auth" 4034 }, 4035 { 4036 "key": "IsInEU", 4037 "value": "true" 4038 } 4039 ], 4040 "timestamp": "2020-10-02T17:09:08Z" 4041 }, 4042 { 4043 "meta": [ 4044 { 4045 "key": "source_ip", 4046 "value": "91.121.79.182" 4047 }, 4048 { 4049 "key": "IsoCode", 4050 "value": "FR" 4051 }, 4052 { 4053 "key": "log_type", 4054 "value": "ssh_failed-auth" 4055 }, 4056 { 4057 "key": "service", 4058 "value": "ssh" 4059 }, 4060 { 4061 "key": "IsInEU", 4062 "value": "true" 4063 }, 4064 { 4065 "key": "ASNNumber", 4066 "value": "16276" 4067 }, 4068 { 4069 "key": "ASNOrg", 4070 "value": "OVH SAS" 4071 }, 4072 { 4073 "key": "SourceRange", 4074 "value": "91.121.72.0/21" 4075 }, 4076 { 4077 "key": "target_user", 4078 "value": "root" 4079 } 4080 ], 4081 "timestamp": "2020-10-02T17:09:08Z" 4082 }, 4083 { 4084 "meta": [ 4085 { 4086 "key": "target_user", 4087 "value": "root" 4088 }, 4089 { 4090 "key": "IsInEU", 4091 "value": "true" 4092 }, 4093 { 4094 "key": "ASNNumber", 4095 "value": "16276" 4096 }, 4097 { 4098 "key": "service", 4099 "value": "ssh" 4100 }, 4101 { 4102 "key": "log_type", 4103 "value": "ssh_failed-auth" 4104 }, 4105 { 4106 "key": "source_ip", 4107 "value": "91.121.79.182" 4108 }, 4109 { 4110 "key": "IsoCode", 4111 "value": "FR" 4112 }, 4113 { 4114 "key": "ASNOrg", 4115 "value": "OVH SAS" 4116 }, 4117 { 4118 "key": "SourceRange", 4119 "value": "91.121.72.0/21" 4120 } 4121 ], 4122 "timestamp": "2020-10-02T17:09:08Z" 4123 }, 4124 { 4125 "meta": [ 4126 { 4127 "key": "ASNNumber", 4128 "value": "16276" 4129 }, 4130 { 4131 "key": "ASNOrg", 4132 "value": "OVH SAS" 4133 }, 4134 { 4135 "key": "service", 4136 "value": "ssh" 4137 }, 4138 { 4139 "key": "source_ip", 4140 "value": "91.121.79.182" 4141 }, 4142 { 4143 "key": "IsoCode", 4144 "value": "FR" 4145 }, 4146 { 4147 "key": "SourceRange", 4148 "value": "91.121.72.0/21" 4149 }, 4150 { 4151 "key": "target_user", 4152 "value": "root" 4153 }, 4154 { 4155 "key": "log_type", 4156 "value": "ssh_failed-auth" 4157 }, 4158 { 4159 "key": "IsInEU", 4160 "value": "true" 4161 } 4162 ], 4163 "timestamp": "2020-10-02T17:09:08Z" 4164 }, 4165 { 4166 "meta": [ 4167 { 4168 "key": "SourceRange", 4169 "value": "91.121.72.0/21" 4170 }, 4171 { 4172 "key": "target_user", 4173 "value": "root" 4174 }, 4175 { 4176 "key": "service", 4177 "value": "ssh" 4178 }, 4179 { 4180 "key": "log_type", 4181 "value": "ssh_failed-auth" 4182 }, 4183 { 4184 "key": "source_ip", 4185 "value": "91.121.79.182" 4186 }, 4187 { 4188 "key": "IsoCode", 4189 "value": "FR" 4190 }, 4191 { 4192 "key": "IsInEU", 4193 "value": "true" 4194 }, 4195 { 4196 "key": "ASNNumber", 4197 "value": "16276" 4198 }, 4199 { 4200 "key": "ASNOrg", 4201 "value": "OVH SAS" 4202 } 4203 ], 4204 "timestamp": "2020-10-02T17:09:08Z" 4205 }, 4206 { 4207 "meta": [ 4208 { 4209 "key": "log_type", 4210 "value": "ssh_failed-auth" 4211 }, 4212 { 4213 "key": "source_ip", 4214 "value": "91.121.79.182" 4215 }, 4216 { 4217 "key": "ASNNumber", 4218 "value": "16276" 4219 }, 4220 { 4221 "key": "ASNOrg", 4222 "value": "OVH SAS" 4223 }, 4224 { 4225 "key": "SourceRange", 4226 "value": "91.121.72.0/21" 4227 }, 4228 { 4229 "key": "target_user", 4230 "value": "root" 4231 }, 4232 { 4233 "key": "service", 4234 "value": "ssh" 4235 }, 4236 { 4237 "key": "IsoCode", 4238 "value": "FR" 4239 }, 4240 { 4241 "key": "IsInEU", 4242 "value": "true" 4243 } 4244 ], 4245 "timestamp": "2020-10-02T17:09:08Z" 4246 } 4247 ], 4248 "events_count": 6, 4249 "labels": null, 4250 "leakspeed": "10s", 4251 "message": "Ip 91.121.79.182 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 4252 "remediation": true, 4253 "scenario": "crowdsecurity/ssh-bf", 4254 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 4255 "scenario_version": "0.1", 4256 "simulated": false, 4257 "source": { 4258 "as_name": "OVH SAS", 4259 "cn": "FR", 4260 "ip": "91.121.79.182", 4261 "latitude": 50.646, 4262 "longitude": 3.0758, 4263 "range": "91.121.72.0/21", 4264 "scope": "Ip", 4265 "value": "91.121.79.182" 4266 }, 4267 "start_at": "2020-10-26T12:52:58.153861334+01:00", 4268 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 4269 }, 4270 { 4271 "capacity": 5, 4272 "decisions": null, 4273 "events": [ 4274 { 4275 "meta": [ 4276 { 4277 "key": "ASNOrg", 4278 "value": "OVH SAS" 4279 }, 4280 { 4281 "key": "SourceRange", 4282 "value": "91.121.72.0/21" 4283 }, 4284 { 4285 "key": "target_user", 4286 "value": "root" 4287 }, 4288 { 4289 "key": "source_ip", 4290 "value": "91.121.79.181" 4291 }, 4292 { 4293 "key": "IsoCode", 4294 "value": "FR" 4295 }, 4296 { 4297 "key": "ASNNumber", 4298 "value": "16276" 4299 }, 4300 { 4301 "key": "service", 4302 "value": "ssh" 4303 }, 4304 { 4305 "key": "log_type", 4306 "value": "ssh_failed-auth" 4307 }, 4308 { 4309 "key": "IsInEU", 4310 "value": "true" 4311 } 4312 ], 4313 "timestamp": "2020-10-02T17:09:08Z" 4314 }, 4315 { 4316 "meta": [ 4317 { 4318 "key": "source_ip", 4319 "value": "91.121.79.181" 4320 }, 4321 { 4322 "key": "IsoCode", 4323 "value": "FR" 4324 }, 4325 { 4326 "key": "log_type", 4327 "value": "ssh_failed-auth" 4328 }, 4329 { 4330 "key": "service", 4331 "value": "ssh" 4332 }, 4333 { 4334 "key": "IsInEU", 4335 "value": "true" 4336 }, 4337 { 4338 "key": "ASNNumber", 4339 "value": "16276" 4340 }, 4341 { 4342 "key": "ASNOrg", 4343 "value": "OVH SAS" 4344 }, 4345 { 4346 "key": "SourceRange", 4347 "value": "91.121.72.0/21" 4348 }, 4349 { 4350 "key": "target_user", 4351 "value": "root" 4352 } 4353 ], 4354 "timestamp": "2020-10-02T17:09:08Z" 4355 }, 4356 { 4357 "meta": [ 4358 { 4359 "key": "target_user", 4360 "value": "root" 4361 }, 4362 { 4363 "key": "IsInEU", 4364 "value": "true" 4365 }, 4366 { 4367 "key": "ASNNumber", 4368 "value": "16276" 4369 }, 4370 { 4371 "key": "service", 4372 "value": "ssh" 4373 }, 4374 { 4375 "key": "log_type", 4376 "value": "ssh_failed-auth" 4377 }, 4378 { 4379 "key": "source_ip", 4380 "value": "91.121.79.181" 4381 }, 4382 { 4383 "key": "IsoCode", 4384 "value": "FR" 4385 }, 4386 { 4387 "key": "ASNOrg", 4388 "value": "OVH SAS" 4389 }, 4390 { 4391 "key": "SourceRange", 4392 "value": "91.121.72.0/21" 4393 } 4394 ], 4395 "timestamp": "2020-10-02T17:09:08Z" 4396 }, 4397 { 4398 "meta": [ 4399 { 4400 "key": "ASNNumber", 4401 "value": "16276" 4402 }, 4403 { 4404 "key": "ASNOrg", 4405 "value": "OVH SAS" 4406 }, 4407 { 4408 "key": "service", 4409 "value": "ssh" 4410 }, 4411 { 4412 "key": "source_ip", 4413 "value": "91.121.79.181" 4414 }, 4415 { 4416 "key": "IsoCode", 4417 "value": "FR" 4418 }, 4419 { 4420 "key": "SourceRange", 4421 "value": "91.121.72.0/21" 4422 }, 4423 { 4424 "key": "target_user", 4425 "value": "root" 4426 }, 4427 { 4428 "key": "log_type", 4429 "value": "ssh_failed-auth" 4430 }, 4431 { 4432 "key": "IsInEU", 4433 "value": "true" 4434 } 4435 ], 4436 "timestamp": "2020-10-02T17:09:08Z" 4437 }, 4438 { 4439 "meta": [ 4440 { 4441 "key": "SourceRange", 4442 "value": "91.121.72.0/21" 4443 }, 4444 { 4445 "key": "target_user", 4446 "value": "root" 4447 }, 4448 { 4449 "key": "service", 4450 "value": "ssh" 4451 }, 4452 { 4453 "key": "log_type", 4454 "value": "ssh_failed-auth" 4455 }, 4456 { 4457 "key": "source_ip", 4458 "value": "91.121.79.181" 4459 }, 4460 { 4461 "key": "IsoCode", 4462 "value": "FR" 4463 }, 4464 { 4465 "key": "IsInEU", 4466 "value": "true" 4467 }, 4468 { 4469 "key": "ASNNumber", 4470 "value": "16276" 4471 }, 4472 { 4473 "key": "ASNOrg", 4474 "value": "OVH SAS" 4475 } 4476 ], 4477 "timestamp": "2020-10-02T17:09:08Z" 4478 }, 4479 { 4480 "meta": [ 4481 { 4482 "key": "log_type", 4483 "value": "ssh_failed-auth" 4484 }, 4485 { 4486 "key": "source_ip", 4487 "value": "91.121.79.181" 4488 }, 4489 { 4490 "key": "ASNNumber", 4491 "value": "16276" 4492 }, 4493 { 4494 "key": "ASNOrg", 4495 "value": "OVH SAS" 4496 }, 4497 { 4498 "key": "SourceRange", 4499 "value": "91.121.72.0/21" 4500 }, 4501 { 4502 "key": "target_user", 4503 "value": "root" 4504 }, 4505 { 4506 "key": "service", 4507 "value": "ssh" 4508 }, 4509 { 4510 "key": "IsoCode", 4511 "value": "FR" 4512 }, 4513 { 4514 "key": "IsInEU", 4515 "value": "true" 4516 } 4517 ], 4518 "timestamp": "2020-10-02T17:09:08Z" 4519 } 4520 ], 4521 "events_count": 6, 4522 "labels": null, 4523 "leakspeed": "10s", 4524 "message": "Ip 91.121.79.181 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 4525 "remediation": true, 4526 "scenario": "crowdsecurity/ssh-bf", 4527 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 4528 "scenario_version": "0.1", 4529 "simulated": false, 4530 "source": { 4531 "as_name": "OVH SAS", 4532 "cn": "FR", 4533 "ip": "91.121.79.181", 4534 "latitude": 50.646, 4535 "longitude": 3.0758, 4536 "range": "91.121.72.0/21", 4537 "scope": "Ip", 4538 "value": "91.121.79.181" 4539 }, 4540 "start_at": "2020-10-26T12:52:58.153861334+01:00", 4541 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 4542 }, 4543 { 4544 "capacity": 5, 4545 "decisions": null, 4546 "events": [ 4547 { 4548 "meta": [ 4549 { 4550 "key": "ASNOrg", 4551 "value": "OVH SAS" 4552 }, 4553 { 4554 "key": "SourceRange", 4555 "value": "91.121.72.0/21" 4556 }, 4557 { 4558 "key": "target_user", 4559 "value": "root" 4560 }, 4561 { 4562 "key": "source_ip", 4563 "value": "91.121.79.180" 4564 }, 4565 { 4566 "key": "IsoCode", 4567 "value": "FR" 4568 }, 4569 { 4570 "key": "ASNNumber", 4571 "value": "16276" 4572 }, 4573 { 4574 "key": "service", 4575 "value": "ssh" 4576 }, 4577 { 4578 "key": "log_type", 4579 "value": "ssh_failed-auth" 4580 }, 4581 { 4582 "key": "IsInEU", 4583 "value": "true" 4584 } 4585 ], 4586 "timestamp": "2020-10-02T17:09:08Z" 4587 }, 4588 { 4589 "meta": [ 4590 { 4591 "key": "source_ip", 4592 "value": "91.121.79.180" 4593 }, 4594 { 4595 "key": "IsoCode", 4596 "value": "FR" 4597 }, 4598 { 4599 "key": "log_type", 4600 "value": "ssh_failed-auth" 4601 }, 4602 { 4603 "key": "service", 4604 "value": "ssh" 4605 }, 4606 { 4607 "key": "IsInEU", 4608 "value": "true" 4609 }, 4610 { 4611 "key": "ASNNumber", 4612 "value": "16276" 4613 }, 4614 { 4615 "key": "ASNOrg", 4616 "value": "OVH SAS" 4617 }, 4618 { 4619 "key": "SourceRange", 4620 "value": "91.121.72.0/21" 4621 }, 4622 { 4623 "key": "target_user", 4624 "value": "root" 4625 } 4626 ], 4627 "timestamp": "2020-10-02T17:09:08Z" 4628 }, 4629 { 4630 "meta": [ 4631 { 4632 "key": "target_user", 4633 "value": "root" 4634 }, 4635 { 4636 "key": "IsInEU", 4637 "value": "true" 4638 }, 4639 { 4640 "key": "ASNNumber", 4641 "value": "16276" 4642 }, 4643 { 4644 "key": "service", 4645 "value": "ssh" 4646 }, 4647 { 4648 "key": "log_type", 4649 "value": "ssh_failed-auth" 4650 }, 4651 { 4652 "key": "source_ip", 4653 "value": "91.121.79.180" 4654 }, 4655 { 4656 "key": "IsoCode", 4657 "value": "FR" 4658 }, 4659 { 4660 "key": "ASNOrg", 4661 "value": "OVH SAS" 4662 }, 4663 { 4664 "key": "SourceRange", 4665 "value": "91.121.72.0/21" 4666 } 4667 ], 4668 "timestamp": "2020-10-02T17:09:08Z" 4669 }, 4670 { 4671 "meta": [ 4672 { 4673 "key": "ASNNumber", 4674 "value": "16276" 4675 }, 4676 { 4677 "key": "ASNOrg", 4678 "value": "OVH SAS" 4679 }, 4680 { 4681 "key": "service", 4682 "value": "ssh" 4683 }, 4684 { 4685 "key": "source_ip", 4686 "value": "91.121.79.180" 4687 }, 4688 { 4689 "key": "IsoCode", 4690 "value": "FR" 4691 }, 4692 { 4693 "key": "SourceRange", 4694 "value": "91.121.72.0/21" 4695 }, 4696 { 4697 "key": "target_user", 4698 "value": "root" 4699 }, 4700 { 4701 "key": "log_type", 4702 "value": "ssh_failed-auth" 4703 }, 4704 { 4705 "key": "IsInEU", 4706 "value": "true" 4707 } 4708 ], 4709 "timestamp": "2020-10-02T17:09:08Z" 4710 }, 4711 { 4712 "meta": [ 4713 { 4714 "key": "SourceRange", 4715 "value": "91.121.72.0/21" 4716 }, 4717 { 4718 "key": "target_user", 4719 "value": "root" 4720 }, 4721 { 4722 "key": "service", 4723 "value": "ssh" 4724 }, 4725 { 4726 "key": "log_type", 4727 "value": "ssh_failed-auth" 4728 }, 4729 { 4730 "key": "source_ip", 4731 "value": "91.121.79.180" 4732 }, 4733 { 4734 "key": "IsoCode", 4735 "value": "FR" 4736 }, 4737 { 4738 "key": "IsInEU", 4739 "value": "true" 4740 }, 4741 { 4742 "key": "ASNNumber", 4743 "value": "16276" 4744 }, 4745 { 4746 "key": "ASNOrg", 4747 "value": "OVH SAS" 4748 } 4749 ], 4750 "timestamp": "2020-10-02T17:09:08Z" 4751 }, 4752 { 4753 "meta": [ 4754 { 4755 "key": "log_type", 4756 "value": "ssh_failed-auth" 4757 }, 4758 { 4759 "key": "source_ip", 4760 "value": "91.121.79.180" 4761 }, 4762 { 4763 "key": "ASNNumber", 4764 "value": "16276" 4765 }, 4766 { 4767 "key": "ASNOrg", 4768 "value": "OVH SAS" 4769 }, 4770 { 4771 "key": "SourceRange", 4772 "value": "91.121.72.0/21" 4773 }, 4774 { 4775 "key": "target_user", 4776 "value": "root" 4777 }, 4778 { 4779 "key": "service", 4780 "value": "ssh" 4781 }, 4782 { 4783 "key": "IsoCode", 4784 "value": "FR" 4785 }, 4786 { 4787 "key": "IsInEU", 4788 "value": "true" 4789 } 4790 ], 4791 "timestamp": "2020-10-02T17:09:08Z" 4792 } 4793 ], 4794 "events_count": 6, 4795 "labels": null, 4796 "leakspeed": "10s", 4797 "message": "Ip 91.121.79.180 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 4798 "remediation": true, 4799 "scenario": "crowdsecurity/ssh-bf", 4800 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 4801 "scenario_version": "0.1", 4802 "simulated": false, 4803 "source": { 4804 "as_name": "OVH SAS", 4805 "cn": "FR", 4806 "ip": "91.121.79.180", 4807 "latitude": 50.646, 4808 "longitude": 3.0758, 4809 "range": "91.121.72.0/21", 4810 "scope": "Ip", 4811 "value": "91.121.79.180" 4812 }, 4813 "start_at": "2020-10-26T12:52:58.153861334+01:00", 4814 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 4815 }, 4816 { 4817 "capacity": 5, 4818 "decisions": null, 4819 "events": [ 4820 { 4821 "meta": [ 4822 { 4823 "key": "ASNOrg", 4824 "value": "OVH SAS" 4825 }, 4826 { 4827 "key": "SourceRange", 4828 "value": "91.121.72.0/21" 4829 }, 4830 { 4831 "key": "target_user", 4832 "value": "root" 4833 }, 4834 { 4835 "key": "source_ip", 4836 "value": "91.121.79.179" 4837 }, 4838 { 4839 "key": "IsoCode", 4840 "value": "FR" 4841 }, 4842 { 4843 "key": "ASNNumber", 4844 "value": "16276" 4845 }, 4846 { 4847 "key": "service", 4848 "value": "ssh" 4849 }, 4850 { 4851 "key": "log_type", 4852 "value": "ssh_failed-auth" 4853 }, 4854 { 4855 "key": "IsInEU", 4856 "value": "true" 4857 } 4858 ], 4859 "timestamp": "2020-10-02T17:09:08Z" 4860 }, 4861 { 4862 "meta": [ 4863 { 4864 "key": "source_ip", 4865 "value": "91.121.79.179" 4866 }, 4867 { 4868 "key": "IsoCode", 4869 "value": "FR" 4870 }, 4871 { 4872 "key": "log_type", 4873 "value": "ssh_failed-auth" 4874 }, 4875 { 4876 "key": "service", 4877 "value": "ssh" 4878 }, 4879 { 4880 "key": "IsInEU", 4881 "value": "true" 4882 }, 4883 { 4884 "key": "ASNNumber", 4885 "value": "16276" 4886 }, 4887 { 4888 "key": "ASNOrg", 4889 "value": "OVH SAS" 4890 }, 4891 { 4892 "key": "SourceRange", 4893 "value": "91.121.72.0/21" 4894 }, 4895 { 4896 "key": "target_user", 4897 "value": "root" 4898 } 4899 ], 4900 "timestamp": "2020-10-02T17:09:08Z" 4901 }, 4902 { 4903 "meta": [ 4904 { 4905 "key": "target_user", 4906 "value": "root" 4907 }, 4908 { 4909 "key": "IsInEU", 4910 "value": "true" 4911 }, 4912 { 4913 "key": "ASNNumber", 4914 "value": "16276" 4915 }, 4916 { 4917 "key": "service", 4918 "value": "ssh" 4919 }, 4920 { 4921 "key": "log_type", 4922 "value": "ssh_failed-auth" 4923 }, 4924 { 4925 "key": "source_ip", 4926 "value": "91.121.79.179" 4927 }, 4928 { 4929 "key": "IsoCode", 4930 "value": "FR" 4931 }, 4932 { 4933 "key": "ASNOrg", 4934 "value": "OVH SAS" 4935 }, 4936 { 4937 "key": "SourceRange", 4938 "value": "91.121.72.0/21" 4939 } 4940 ], 4941 "timestamp": "2020-10-02T17:09:08Z" 4942 }, 4943 { 4944 "meta": [ 4945 { 4946 "key": "ASNNumber", 4947 "value": "16276" 4948 }, 4949 { 4950 "key": "ASNOrg", 4951 "value": "OVH SAS" 4952 }, 4953 { 4954 "key": "service", 4955 "value": "ssh" 4956 }, 4957 { 4958 "key": "source_ip", 4959 "value": "91.121.79.179" 4960 }, 4961 { 4962 "key": "IsoCode", 4963 "value": "FR" 4964 }, 4965 { 4966 "key": "SourceRange", 4967 "value": "91.121.72.0/21" 4968 }, 4969 { 4970 "key": "target_user", 4971 "value": "root" 4972 }, 4973 { 4974 "key": "log_type", 4975 "value": "ssh_failed-auth" 4976 }, 4977 { 4978 "key": "IsInEU", 4979 "value": "true" 4980 } 4981 ], 4982 "timestamp": "2020-10-02T17:09:08Z" 4983 }, 4984 { 4985 "meta": [ 4986 { 4987 "key": "SourceRange", 4988 "value": "91.121.72.0/21" 4989 }, 4990 { 4991 "key": "target_user", 4992 "value": "root" 4993 }, 4994 { 4995 "key": "service", 4996 "value": "ssh" 4997 }, 4998 { 4999 "key": "log_type", 5000 "value": "ssh_failed-auth" 5001 }, 5002 { 5003 "key": "source_ip", 5004 "value": "91.121.79.179" 5005 }, 5006 { 5007 "key": "IsoCode", 5008 "value": "FR" 5009 }, 5010 { 5011 "key": "IsInEU", 5012 "value": "true" 5013 }, 5014 { 5015 "key": "ASNNumber", 5016 "value": "16276" 5017 }, 5018 { 5019 "key": "ASNOrg", 5020 "value": "OVH SAS" 5021 } 5022 ], 5023 "timestamp": "2020-10-02T17:09:08Z" 5024 }, 5025 { 5026 "meta": [ 5027 { 5028 "key": "log_type", 5029 "value": "ssh_failed-auth" 5030 }, 5031 { 5032 "key": "source_ip", 5033 "value": "91.121.79.179" 5034 }, 5035 { 5036 "key": "ASNNumber", 5037 "value": "16276" 5038 }, 5039 { 5040 "key": "ASNOrg", 5041 "value": "OVH SAS" 5042 }, 5043 { 5044 "key": "SourceRange", 5045 "value": "91.121.72.0/21" 5046 }, 5047 { 5048 "key": "target_user", 5049 "value": "root" 5050 }, 5051 { 5052 "key": "service", 5053 "value": "ssh" 5054 }, 5055 { 5056 "key": "IsoCode", 5057 "value": "FR" 5058 }, 5059 { 5060 "key": "IsInEU", 5061 "value": "true" 5062 } 5063 ], 5064 "timestamp": "2020-10-02T17:09:08Z" 5065 } 5066 ], 5067 "events_count": 6, 5068 "labels": null, 5069 "leakspeed": "10s", 5070 "message": "Ip 91.121.79.179 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 5071 "remediation": true, 5072 "scenario": "crowdsecurity/ssh-bf", 5073 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 5074 "scenario_version": "0.1", 5075 "simulated": false, 5076 "source": { 5077 "as_name": "OVH SAS", 5078 "cn": "FR", 5079 "ip": "91.121.79.179", 5080 "latitude": 50.646, 5081 "longitude": 3.0758, 5082 "range": "91.121.72.0/21", 5083 "scope": "Ip", 5084 "value": "91.121.79.179" 5085 }, 5086 "start_at": "2020-10-26T12:52:58.153861334+01:00", 5087 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 5088 }, 5089 { 5090 "capacity": 5, 5091 "decisions": null, 5092 "events": [ 5093 { 5094 "meta": [ 5095 { 5096 "key": "ASNOrg", 5097 "value": "OVH SAS" 5098 }, 5099 { 5100 "key": "SourceRange", 5101 "value": "91.121.72.0/21" 5102 }, 5103 { 5104 "key": "target_user", 5105 "value": "root" 5106 }, 5107 { 5108 "key": "source_ip", 5109 "value": "91.121.79.178" 5110 }, 5111 { 5112 "key": "IsoCode", 5113 "value": "FR" 5114 }, 5115 { 5116 "key": "ASNNumber", 5117 "value": "16276" 5118 }, 5119 { 5120 "key": "service", 5121 "value": "ssh" 5122 }, 5123 { 5124 "key": "log_type", 5125 "value": "ssh_failed-auth" 5126 }, 5127 { 5128 "key": "IsInEU", 5129 "value": "true" 5130 } 5131 ], 5132 "timestamp": "2020-10-02T17:09:08Z" 5133 }, 5134 { 5135 "meta": [ 5136 { 5137 "key": "source_ip", 5138 "value": "91.121.79.178" 5139 }, 5140 { 5141 "key": "IsoCode", 5142 "value": "FR" 5143 }, 5144 { 5145 "key": "log_type", 5146 "value": "ssh_failed-auth" 5147 }, 5148 { 5149 "key": "service", 5150 "value": "ssh" 5151 }, 5152 { 5153 "key": "IsInEU", 5154 "value": "true" 5155 }, 5156 { 5157 "key": "ASNNumber", 5158 "value": "16276" 5159 }, 5160 { 5161 "key": "ASNOrg", 5162 "value": "OVH SAS" 5163 }, 5164 { 5165 "key": "SourceRange", 5166 "value": "91.121.72.0/21" 5167 }, 5168 { 5169 "key": "target_user", 5170 "value": "root" 5171 } 5172 ], 5173 "timestamp": "2020-10-02T17:09:08Z" 5174 }, 5175 { 5176 "meta": [ 5177 { 5178 "key": "target_user", 5179 "value": "root" 5180 }, 5181 { 5182 "key": "IsInEU", 5183 "value": "true" 5184 }, 5185 { 5186 "key": "ASNNumber", 5187 "value": "16276" 5188 }, 5189 { 5190 "key": "service", 5191 "value": "ssh" 5192 }, 5193 { 5194 "key": "log_type", 5195 "value": "ssh_failed-auth" 5196 }, 5197 { 5198 "key": "source_ip", 5199 "value": "91.121.79.178" 5200 }, 5201 { 5202 "key": "IsoCode", 5203 "value": "FR" 5204 }, 5205 { 5206 "key": "ASNOrg", 5207 "value": "OVH SAS" 5208 }, 5209 { 5210 "key": "SourceRange", 5211 "value": "91.121.72.0/21" 5212 } 5213 ], 5214 "timestamp": "2020-10-02T17:09:08Z" 5215 }, 5216 { 5217 "meta": [ 5218 { 5219 "key": "ASNNumber", 5220 "value": "16276" 5221 }, 5222 { 5223 "key": "ASNOrg", 5224 "value": "OVH SAS" 5225 }, 5226 { 5227 "key": "service", 5228 "value": "ssh" 5229 }, 5230 { 5231 "key": "source_ip", 5232 "value": "91.121.79.178" 5233 }, 5234 { 5235 "key": "IsoCode", 5236 "value": "FR" 5237 }, 5238 { 5239 "key": "SourceRange", 5240 "value": "91.121.72.0/21" 5241 }, 5242 { 5243 "key": "target_user", 5244 "value": "root" 5245 }, 5246 { 5247 "key": "log_type", 5248 "value": "ssh_failed-auth" 5249 }, 5250 { 5251 "key": "IsInEU", 5252 "value": "true" 5253 } 5254 ], 5255 "timestamp": "2020-10-02T17:09:08Z" 5256 }, 5257 { 5258 "meta": [ 5259 { 5260 "key": "SourceRange", 5261 "value": "91.121.72.0/21" 5262 }, 5263 { 5264 "key": "target_user", 5265 "value": "root" 5266 }, 5267 { 5268 "key": "service", 5269 "value": "ssh" 5270 }, 5271 { 5272 "key": "log_type", 5273 "value": "ssh_failed-auth" 5274 }, 5275 { 5276 "key": "source_ip", 5277 "value": "91.121.79.178" 5278 }, 5279 { 5280 "key": "IsoCode", 5281 "value": "FR" 5282 }, 5283 { 5284 "key": "IsInEU", 5285 "value": "true" 5286 }, 5287 { 5288 "key": "ASNNumber", 5289 "value": "16276" 5290 }, 5291 { 5292 "key": "ASNOrg", 5293 "value": "OVH SAS" 5294 } 5295 ], 5296 "timestamp": "2020-10-02T17:09:08Z" 5297 }, 5298 { 5299 "meta": [ 5300 { 5301 "key": "log_type", 5302 "value": "ssh_failed-auth" 5303 }, 5304 { 5305 "key": "source_ip", 5306 "value": "91.121.79.178" 5307 }, 5308 { 5309 "key": "ASNNumber", 5310 "value": "16276" 5311 }, 5312 { 5313 "key": "ASNOrg", 5314 "value": "OVH SAS" 5315 }, 5316 { 5317 "key": "SourceRange", 5318 "value": "91.121.72.0/21" 5319 }, 5320 { 5321 "key": "target_user", 5322 "value": "root" 5323 }, 5324 { 5325 "key": "service", 5326 "value": "ssh" 5327 }, 5328 { 5329 "key": "IsoCode", 5330 "value": "FR" 5331 }, 5332 { 5333 "key": "IsInEU", 5334 "value": "true" 5335 } 5336 ], 5337 "timestamp": "2020-10-02T17:09:08Z" 5338 } 5339 ], 5340 "events_count": 6, 5341 "labels": null, 5342 "leakspeed": "10s", 5343 "message": "Ip 91.121.79.178 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202", 5344 "remediation": true, 5345 "scenario": "crowdsecurity/ssh-bf", 5346 "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f", 5347 "scenario_version": "0.1", 5348 "simulated": false, 5349 "source": { 5350 "as_name": "OVH SAS", 5351 "cn": "FR", 5352 "ip": "91.121.79.178", 5353 "latitude": 50.646, 5354 "longitude": 3.0758, 5355 "range": "91.121.72.0/21", 5356 "scope": "Ip", 5357 "value": "91.121.79.178" 5358 }, 5359 "start_at": "2020-10-26T12:52:58.153861334+01:00", 5360 "stop_at": "2020-10-26T12:52:58.200236582+01:00" 5361 } 5362 ]