Hello,
I wonder if its possible to implement ransomeware or file integrity hash modification added check etc… workflow detection, if such scenario is possible with Crowdsec?
Thanks
For clarity, this was also asked on Discord 
But to repeat: Right now it’s not supported. It’s a bit far from the original idea (which is reading and parsing logs) so if it comes it’s not going to happen anytime soon.