Without installing Docker or other web interface, has anyone written a script to send an email in the event of an alert?
Hello @cavaughan
Crowdsec doesn’t provide this out of the box, but I guess it would be quite simple to put together.
Are you looking for a “send me an email as soon as there is an alert” or “send me a recap every X hours of the alerts I got” ?
(I’m afraid the first one might be noisy, internet being … internet)
Either would be fine. If the first is too noisy, then the latter would be fine. It’s only for local systems, so it’s not that big a deal. I would think it’s not that hard and if no one’s written anything I’ll give it a go.
I don’t think it’s hard neither, but we don’t have it yet
If you were to look into it, let us know if you need any help !
The best way is probably to write your own bouncer, but instead of blocking IP the bouncer will send an email alert.
You probably want to send a recap and not a mail on each blocked IP, but that is to you to test.
+1 from me and I would be into daily summary reports.
It’s been a year since last update in this thread and I’m wondering if reporting via email has been added since?
If there is nothing officially baked in perhaps one of the users managed to put together something nice and is willing to share?