github.com/crowdsecurity/crowdsec@v1.6.1/pkg/apiserver/tests/alert_minibulk+simul.json

github.com/crowdsecurity/crowdsec@v1.6.1/pkg/apiserver/tests/alert_minibulk+simul.json (about)

     1  [
     2    {
     3      "capacity": 5,
     4      "decisions": null,
     5      "events": [
     6        {
     7          "meta": [
     8            {
     9              "key": "ASNOrg",
    10              "value": "OVH SAS"
    11            },
    12            {
    13              "key": "SourceRange",
    14              "value": "91.121.72.0/21"
    15            },
    16            {
    17              "key": "target_user",
    18              "value": "root"
    19            },
    20            {
    21              "key": "source_ip",
    22              "value": "91.121.79.179"
    23            },
    24            {
    25              "key": "IsoCode",
    26              "value": "FR"
    27            },
    28            {
    29              "key": "ASNNumber",
    30              "value": "16276"
    31            },
    32            {
    33              "key": "service",
    34              "value": "ssh"
    35            },
    36            {
    37              "key": "log_type",
    38              "value": "ssh_failed-auth"
    39            },
    40            {
    41              "key": "IsInEU",
    42              "value": "true"
    43            }
    44          ],
    45          "timestamp": "2020-10-02T17:09:08Z"
    46        },
    47        {
    48          "meta": [
    49            {
    50              "key": "source_ip",
    51              "value": "91.121.79.179"
    52            },
    53            {
    54              "key": "IsoCode",
    55              "value": "FR"
    56            },
    57            {
    58              "key": "log_type",
    59              "value": "ssh_failed-auth"
    60            },
    61            {
    62              "key": "service",
    63              "value": "ssh"
    64            },
    65            {
    66              "key": "IsInEU",
    67              "value": "true"
    68            },
    69            {
    70              "key": "ASNNumber",
    71              "value": "16276"
    72            },
    73            {
    74              "key": "ASNOrg",
    75              "value": "OVH SAS"
    76            },
    77            {
    78              "key": "SourceRange",
    79              "value": "91.121.72.0/21"
    80            },
    81            {
    82              "key": "target_user",
    83              "value": "root"
    84            }
    85          ],
    86          "timestamp": "2020-10-02T17:09:08Z"
    87        },
    88        {
    89          "meta": [
    90            {
    91              "key": "target_user",
    92              "value": "root"
    93            },
    94            {
    95              "key": "IsInEU",
    96              "value": "true"
    97            },
    98            {
    99              "key": "ASNNumber",
   100              "value": "16276"
   101            },
   102            {
   103              "key": "service",
   104              "value": "ssh"
   105            },
   106            {
   107              "key": "log_type",
   108              "value": "ssh_failed-auth"
   109            },
   110            {
   111              "key": "source_ip",
   112              "value": "91.121.79.179"
   113            },
   114            {
   115              "key": "IsoCode",
   116              "value": "FR"
   117            },
   118            {
   119              "key": "ASNOrg",
   120              "value": "OVH SAS"
   121            },
   122            {
   123              "key": "SourceRange",
   124              "value": "91.121.72.0/21"
   125            }
   126          ],
   127          "timestamp": "2020-10-02T17:09:08Z"
   128        },
   129        {
   130          "meta": [
   131            {
   132              "key": "ASNNumber",
   133              "value": "16276"
   134            },
   135            {
   136              "key": "ASNOrg",
   137              "value": "OVH SAS"
   138            },
   139            {
   140              "key": "service",
   141              "value": "ssh"
   142            },
   143            {
   144              "key": "source_ip",
   145              "value": "91.121.79.179"
   146            },
   147            {
   148              "key": "IsoCode",
   149              "value": "FR"
   150            },
   151            {
   152              "key": "SourceRange",
   153              "value": "91.121.72.0/21"
   154            },
   155            {
   156              "key": "target_user",
   157              "value": "root"
   158            },
   159            {
   160              "key": "log_type",
   161              "value": "ssh_failed-auth"
   162            },
   163            {
   164              "key": "IsInEU",
   165              "value": "true"
   166            }
   167          ],
   168          "timestamp": "2020-10-02T17:09:08Z"
   169        },
   170        {
   171          "meta": [
   172            {
   173              "key": "SourceRange",
   174              "value": "91.121.72.0/21"
   175            },
   176            {
   177              "key": "target_user",
   178              "value": "root"
   179            },
   180            {
   181              "key": "service",
   182              "value": "ssh"
   183            },
   184            {
   185              "key": "log_type",
   186              "value": "ssh_failed-auth"
   187            },
   188            {
   189              "key": "source_ip",
   190              "value": "91.121.79.179"
   191            },
   192            {
   193              "key": "IsoCode",
   194              "value": "FR"
   195            },
   196            {
   197              "key": "IsInEU",
   198              "value": "true"
   199            },
   200            {
   201              "key": "ASNNumber",
   202              "value": "16276"
   203            },
   204            {
   205              "key": "ASNOrg",
   206              "value": "OVH SAS"
   207            }
   208          ],
   209          "timestamp": "2020-10-02T17:09:08Z"
   210        },
   211        {
   212          "meta": [
   213            {
   214              "key": "log_type",
   215              "value": "ssh_failed-auth"
   216            },
   217            {
   218              "key": "source_ip",
   219              "value": "91.121.79.179"
   220            },
   221            {
   222              "key": "ASNNumber",
   223              "value": "16276"
   224            },
   225            {
   226              "key": "ASNOrg",
   227              "value": "OVH SAS"
   228            },
   229            {
   230              "key": "SourceRange",
   231              "value": "91.121.72.0/21"
   232            },
   233            {
   234              "key": "target_user",
   235              "value": "root"
   236            },
   237            {
   238              "key": "service",
   239              "value": "ssh"
   240            },
   241            {
   242              "key": "IsoCode",
   243              "value": "FR"
   244            },
   245            {
   246              "key": "IsInEU",
   247              "value": "true"
   248            }
   249          ],
   250          "timestamp": "2020-10-02T17:09:08Z"
   251        }
   252      ],
   253      "events_count": 6,
   254      "labels": null,
   255      "leakspeed": "10s",
   256      "message": "Ip 91.121.79.179 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202",
   257      "remediation": true,
   258      "scenario": "crowdsecurity/ssh-bf",
   259      "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f",
   260      "scenario_version": "0.1",
   261      "simulated": true,
   262      "source": {
   263        "as_name": "OVH SAS",
   264        "cn": "FR",
   265        "ip": "91.121.79.179",
   266        "latitude": 50.646,
   267        "longitude": 3.0758,
   268        "range": "91.121.72.0/21",
   269        "scope": "Ip",
   270        "value": "91.121.79.179"
   271      },
   272      "start_at": "2020-10-26T12:52:58.153861334+01:00",
   273      "stop_at": "2020-10-26T12:52:58.200236582+01:00"
   274    },
   275    {
   276      "capacity": 5,
   277      "decisions": null,
   278      "events": [
   279        {
   280          "meta": [
   281            {
   282              "key": "ASNOrg",
   283              "value": "OVH SAS"
   284            },
   285            {
   286              "key": "SourceRange",
   287              "value": "91.121.72.0/21"
   288            },
   289            {
   290              "key": "target_user",
   291              "value": "root"
   292            },
   293            {
   294              "key": "source_ip",
   295              "value": "91.121.79.178"
   296            },
   297            {
   298              "key": "IsoCode",
   299              "value": "FR"
   300            },
   301            {
   302              "key": "ASNNumber",
   303              "value": "16276"
   304            },
   305            {
   306              "key": "service",
   307              "value": "ssh"
   308            },
   309            {
   310              "key": "log_type",
   311              "value": "ssh_failed-auth"
   312            },
   313            {
   314              "key": "IsInEU",
   315              "value": "true"
   316            }
   317          ],
   318          "timestamp": "2020-10-02T17:09:08Z"
   319        },
   320        {
   321          "meta": [
   322            {
   323              "key": "source_ip",
   324              "value": "91.121.79.178"
   325            },
   326            {
   327              "key": "IsoCode",
   328              "value": "FR"
   329            },
   330            {
   331              "key": "log_type",
   332              "value": "ssh_failed-auth"
   333            },
   334            {
   335              "key": "service",
   336              "value": "ssh"
   337            },
   338            {
   339              "key": "IsInEU",
   340              "value": "true"
   341            },
   342            {
   343              "key": "ASNNumber",
   344              "value": "16276"
   345            },
   346            {
   347              "key": "ASNOrg",
   348              "value": "OVH SAS"
   349            },
   350            {
   351              "key": "SourceRange",
   352              "value": "91.121.72.0/21"
   353            },
   354            {
   355              "key": "target_user",
   356              "value": "root"
   357            }
   358          ],
   359          "timestamp": "2020-10-02T17:09:08Z"
   360        },
   361        {
   362          "meta": [
   363            {
   364              "key": "target_user",
   365              "value": "root"
   366            },
   367            {
   368              "key": "IsInEU",
   369              "value": "true"
   370            },
   371            {
   372              "key": "ASNNumber",
   373              "value": "16276"
   374            },
   375            {
   376              "key": "service",
   377              "value": "ssh"
   378            },
   379            {
   380              "key": "log_type",
   381              "value": "ssh_failed-auth"
   382            },
   383            {
   384              "key": "source_ip",
   385              "value": "91.121.79.178"
   386            },
   387            {
   388              "key": "IsoCode",
   389              "value": "FR"
   390            },
   391            {
   392              "key": "ASNOrg",
   393              "value": "OVH SAS"
   394            },
   395            {
   396              "key": "SourceRange",
   397              "value": "91.121.72.0/21"
   398            }
   399          ],
   400          "timestamp": "2020-10-02T17:09:08Z"
   401        },
   402        {
   403          "meta": [
   404            {
   405              "key": "ASNNumber",
   406              "value": "16276"
   407            },
   408            {
   409              "key": "ASNOrg",
   410              "value": "OVH SAS"
   411            },
   412            {
   413              "key": "service",
   414              "value": "ssh"
   415            },
   416            {
   417              "key": "source_ip",
   418              "value": "91.121.79.178"
   419            },
   420            {
   421              "key": "IsoCode",
   422              "value": "FR"
   423            },
   424            {
   425              "key": "SourceRange",
   426              "value": "91.121.72.0/21"
   427            },
   428            {
   429              "key": "target_user",
   430              "value": "root"
   431            },
   432            {
   433              "key": "log_type",
   434              "value": "ssh_failed-auth"
   435            },
   436            {
   437              "key": "IsInEU",
   438              "value": "true"
   439            }
   440          ],
   441          "timestamp": "2020-10-02T17:09:08Z"
   442        },
   443        {
   444          "meta": [
   445            {
   446              "key": "SourceRange",
   447              "value": "91.121.72.0/21"
   448            },
   449            {
   450              "key": "target_user",
   451              "value": "root"
   452            },
   453            {
   454              "key": "service",
   455              "value": "ssh"
   456            },
   457            {
   458              "key": "log_type",
   459              "value": "ssh_failed-auth"
   460            },
   461            {
   462              "key": "source_ip",
   463              "value": "91.121.79.178"
   464            },
   465            {
   466              "key": "IsoCode",
   467              "value": "FR"
   468            },
   469            {
   470              "key": "IsInEU",
   471              "value": "true"
   472            },
   473            {
   474              "key": "ASNNumber",
   475              "value": "16276"
   476            },
   477            {
   478              "key": "ASNOrg",
   479              "value": "OVH SAS"
   480            }
   481          ],
   482          "timestamp": "2020-10-02T17:09:08Z"
   483        },
   484        {
   485          "meta": [
   486            {
   487              "key": "log_type",
   488              "value": "ssh_failed-auth"
   489            },
   490            {
   491              "key": "source_ip",
   492              "value": "91.121.79.178"
   493            },
   494            {
   495              "key": "ASNNumber",
   496              "value": "16276"
   497            },
   498            {
   499              "key": "ASNOrg",
   500              "value": "OVH SAS"
   501            },
   502            {
   503              "key": "SourceRange",
   504              "value": "91.121.72.0/21"
   505            },
   506            {
   507              "key": "target_user",
   508              "value": "root"
   509            },
   510            {
   511              "key": "service",
   512              "value": "ssh"
   513            },
   514            {
   515              "key": "IsoCode",
   516              "value": "FR"
   517            },
   518            {
   519              "key": "IsInEU",
   520              "value": "true"
   521            }
   522          ],
   523          "timestamp": "2020-10-02T17:09:08Z"
   524        }
   525      ],
   526      "events_count": 6,
   527      "labels": null,
   528      "leakspeed": "10s",
   529      "message": "Ip 91.121.79.178 performed crowdsecurity/ssh-bf (6 events over 46.375699ms) at 2020-10-26 12:52:58.200237122 +0100 CET m=+8.191478202",
   530      "remediation": true,
   531      "scenario": "crowdsecurity/ssh-bf",
   532      "scenario_hash": "4441dcff07020f6690d998b7101e642359ba405c2abb83565bbbdcee36de280f",
   533      "scenario_version": "0.1",
   534      "simulated": false,
   535      "source": {
   536        "as_name": "OVH SAS",
   537        "cn": "FR",
   538        "ip": "91.121.79.178",
   539        "latitude": 50.646,
   540        "longitude": 3.0758,
   541        "range": "91.121.72.0/21",
   542        "scope": "Ip",
   543        "value": "91.121.79.178"
   544      },
   545      "start_at": "2020-10-26T12:52:58.153861334+01:00",
   546      "stop_at": "2020-10-26T12:52:58.200236582+01:00"
   547    }
   548  ]