It seems this didn’t happen automatically on my Debian installation and I am a newbie experimenting here on my NAS so I’d appreciate any hints.
EDIT
googled it and set it as active, enabled yet finding errors in crowdsec logs.
time="14-12-2020 13:39:52" level=info msg="Crowdsec v0.3.6-2fdf7624da381af605baa46f319f2ed3015807e4"
time="14-12-2020 13:39:52" level=info msg="Loading prometheus collectors"
time="14-12-2020 13:39:52" level=info msg="Loading grok library"
time="14-12-2020 13:39:52" level=warning msg="Starting profiling and http server"
time="14-12-2020 13:39:53" level=info msg="Loading enrich plugins"
time="14-12-2020 13:39:53" level=info msg="Loading parsers"
time="14-12-2020 13:39:53" level=info msg="Node in /etc/crowdsec/config/parsers/s00-raw/syslog-logs.yaml has no name,author or description. Skipping."
time="14-12-2020 13:39:53" level=info msg="Loaded 2 parser nodes" file=/etc/crowdsec/config/parsers/s00-raw/syslog-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s01-parse/apache2-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s01-parse/iptables-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s01-parse/mysql-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s01-parse/nginx-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s01-parse/postfix-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s01-parse/sshd-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s02-enrich/dateparse-enrich.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s02-enrich/geoip-enrich.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s02-enrich/http-logs.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 1 parser nodes" file=/etc/crowdsec/config/parsers/s02-enrich/whitelists.yaml
time="14-12-2020 13:39:53" level=info msg="Loaded 12 nodes, 3 stages"
time="14-12-2020 13:39:53" level=info msg="Loading postoverflow parsers"
time="14-12-2020 13:39:53" level=fatal msg="Unable to compile whitelist expression 'any(File('cloudflare_ips.txt'), { IpInRange(evt.Overflow.Alert.Source.IP ,#)})' : type types.SignalOccurence has no field Alert (1:58)\n | any(File('cloudflare_ips.txt'), { IpInRange(evt.Overflow.Alert.Source.IP ,#)})\n | .........................................................^." id=rough-forest name=crowdsecurity/cdn-whitelist stage=s01-whitelist
btw. I am wodnering why it still shows v0.3.6 - I tried cscli update then cscli upgrade and nothing happend upon which I followed these instructions:
curl -s https://api.github.com/repos/crowdsecurity/crowdsec/releases/latest | grep browser_download_url| cut -d '"' -f 4 | wget -i -
tar xvzf crowdsec-release.tgz
cd crowdsec-v*
sudo ./wizard.sh -i
reloaded the service, still getting the error above.