github.com/crowdsecurity/crowdsec@v1.6.1/pkg/leakybucket/tests/simple-bayesian-bucket/bucket.yaml

github.com/crowdsecurity/crowdsec@v1.6.1/pkg/leakybucket/tests/simple-bayesian-bucket/bucket.yaml (about)

     1  type: bayesian
     2  name: test/simple-bayesian
     3  debug: true
     4  description: "bayesian bucket"
     5  filter: "evt.Meta.log_type == 'http_access-log' || evt.Meta.log_type == 'ssh_access-log'"
     6  groupby: evt.Meta.source_ip
     7  bayesian_prior: 0.5
     8  bayesian_threshold: 0.8
     9  bayesian_conditions:
    10  - condition: any(queue.Queue, {.Meta.http_path == "/"})
    11    prob_given_evil: 0.8
    12    prob_given_benign: 0.2
    13  - condition: any(queue.Queue, {.Meta.ssh_user == "admin"})
    14    prob_given_evil: 0.9
    15    prob_given_benign: 0.5
    16  leakspeed: 30s
    17  capacity: -1
    18  labels:
    19    type: overflow_1