github.com/crowdsecurity/crowdsec@v1.6.1/pkg/leakybucket/tests/guillotine-bayesian-bucket/bucket.yaml (about)

     # CrowdSec leaky-bucket test fixture
     # (pkg/leakybucket/tests/guillotine-bayesian-bucket/bucket.yaml):
     # a bayesian scenario in which both conditions set `guillotine`.
     # The probabilities below are fixture constants chosen for the test, not
     # calibrated detection values; a production scenario would need
     # likelihoods measured on real traffic.
     type: bayesian
     name: test/guillotine-bayesian
     # Enables debug output for this bucket; handy in a test, noisy elsewhere.
     debug: true
     description: 'bayesian bucket'
     # Only events tagged as HTTP or SSH access logs reach this bucket.
     # The folded scalar (>-) joins the two lines with a single space, so the
     # value is the same one-line expression.
     filter: >-
       evt.Meta.log_type == 'http_access-log' ||
       evt.Meta.log_type == 'ssh_access-log'
     # Events are grouped by source IP, so evidence accumulates per client.
     groupby: 'evt.Meta.source_ip'
     # Prior probability used before any condition is observed, and the
     # posterior level the bucket compares against to decide on an overflow.
     bayesian_prior: 0.5
     bayesian_threshold: 0.8
     bayesian_conditions:
       # prob_given_evil / prob_given_benign: likelihood of the condition
       # holding for a malicious vs. a benign source.
       # guillotine: per CrowdSec's bayesian-bucket documentation, a condition
       # carrying this flag is no longer evaluated once it has been true once.
       - condition: 'evt.Meta.http_path == "/"'
         prob_given_evil: 0.8
         prob_given_benign: 0.2
         guillotine: true
       - condition: 'evt.Meta.ssh_user == "admin"'
         prob_given_evil: 0.9
         prob_given_benign: 0.5
         guillotine: true
     leakspeed: '30s'
     # -1 presumably removes the event-count capacity limit, leaving the
     # bayesian posterior as the overflow trigger (confirm against the docs).
     capacity: -1
     # Labels attached to the bucket; the test can match on this value.
     labels:
       type: overflow_1