Hi,
I would like to add a custom collection that include a parser and 2 scenarios for gitlab.
After testing them using How to write CrowdSec parsers & scenarios - the Asterisk VoIP use case - The open-source & collaborative IPS as a walkthrough, I’ve copied my files to /etc/crowdsec
on my preprod machine. However, I see information logs about my files being ignored:
time="06-03-2022 13:01:00" level=info msg="Ignoring file /etc/crowdsec/hub/parsers/s01-parse/orange/gitlab-logs.yaml of type parsers"
time="06-03-2022 13:01:00" level=info msg="Ignoring file /etc/crowdsec/hub/scenarios/orange/gitlab-bf.yaml of type scenarios"
time="06-03-2022 13:01:00" level=info msg="Ignoring file /etc/crowdsec/hub/scenarios/orange/gitlab-user-enum.yaml of type scenarios"
time="06-03-2022 13:01:00" level=info msg="Ignoring file /etc/crowdsec/hub/collections/orange/gitlab.yaml of type collections"
For testing purposes, I’ve modified the /etc/crowdsec/hub/.index.json
by injecting the files (as base64 + sha256 digest) and they’re loaded but this is not a solution of course.
Are my custom parsers and scenarios available or they’re simply ignored ?
I’m sorry for this newbie question.
Regards