Acquis.yaml questions and other things

I have installed this collection CrowdSec Hub
What label type should I use in acquis.yaml file?
I have this but I don’t see any evidence of the logs being read when I do cscli metrics
imagen

/ # cscli metrics
INFO[14-03-2022 11:15:28 PM] Acquisition Metrics:                         
+--------------------------------+------------+--------------+----------------+------------------------+
|             SOURCE             | LINES READ | LINES PARSED | LINES UNPARSED | LINES POURED TO BUCKET |
+--------------------------------+------------+--------------+----------------+------------------------+
| file:/var/log/nginx/access.log |         55 |           55 | -              | -                      |
+--------------------------------+------------+--------------+----------------+------------------------+

The other problem is that my bouncer is working but it looks like last api pull value is not being updated

/ # cscli bouncers list
---------------------------------------------------------------------------------
 NAME  IP ADDRESS   VALID  LAST API PULL         TYPE                    VERSION 
---------------------------------------------------------------------------------
 swag  10.10.50.10  ✔️      2022-03-14T21:21:17Z  crowdsec-nginx-bouncer  v1.0.0  

I am using this bouncer GitHub - linuxserver/docker-mods at swag-crowdsec
I have port 8080 open from the bouncer to the API cscli (they are in different vlans)


And the last one
When I try to install this in docker I get this error
/ # cscli dashboard setup
FATA[14-03-2022 11:09:48 PM] Cannot connect to the Docker daemon at unix:///var/run/docker.sock. Is the docker daemon running?

Hello @lordraiden ,

Do you have the home-assistant collection installed?

For the acquis.yaml i think the type should be home-assistant.

For your docker problem, do you have docker installed? Is the service started ?

I solved the issue with home-assistant, maybe it should be added in the documentation.

On the other hand

/ # cscli bouncers list
-------------------------------------------------------------------------------------------------------------------------------------------
 NAME               IP ADDRESS   VALID  LAST API PULL         TYPE                         VERSION                                         
-------------------------------------------------------------------------------------------------------------------------------------------
 swag               10.10.50.10  ✔️      2022-03-14T21:21:17Z  crowdsec-nginx-bouncer       v1.0.0                                          
 cloudflarebouncer  10.10.40.11  ✔️      2022-03-20T19:20:05Z  crowdsec-cloudflare-bouncer  v0.0.9-d93dd28911e1913589b15684c15c221f8c33a588 
-------------------------------------------------------------------------------------------------------------------------------------------
/ # 

The bouncer works but the las API pull is still from the installation date I have seen that due to that the bouncer appears offline in the web console

Is this normal?

Hello,

Can you paste the logs of the bouncer please?

I am using SWAG (nginx) with the crowdsec mod, I don’t think I have access to the logs.
In any case I have been testing it and when I attack the webserver the IP gets banned.

So it looks like is working but not doing pulls or something

-------------------------------------------------------------------------------------------------------------------------------------------
 NAME               IP ADDRESS   VALID  LAST API PULL         TYPE                         VERSION                                         
-------------------------------------------------------------------------------------------------------------------------------------------
 swag               10.10.50.10  ✔️      2022-03-14T21:21:17Z  crowdsec-nginx-bouncer       v1.0.0                                          
 cloudflarebouncer  10.10.40.11  ✔️      2022-03-23T07:24:06Z  crowdsec-cloudflare-bouncer  v0.0.9-d93dd28911e1913589b15684c15c221f8c33a588 
-------------------------------------------------------------------------------------------------------------------------------------------

Hello @lordraiden,

For bouncers in live mode, the LAST API PULL is not updated to avoid perfomances issues :confused: