When I took a closer look at crowdsec.log (for the first time), I noticed thousands of ‘strange’ entries:
eg.
time=“2024-10-26T19:27:07+02:00” level=error msg=“Unable to enrich ip ‘engine7.uptimerobot.com’” id=summer-wind method=IpToRange name=crowdsecurity/geoip-enrich stage=s02-enrich
or
time=“2024-10-20T00:50:02+02:00” level=error msg=“Unable to enrich ip ‘localhost’” id=nameless-water method=IpToRange name=crowdsecurity/geoip-enrich stage=s02enrich
The sources of these hostnames are of course the Apache2 log files, which are stored in combined format.
There have been about 40.000 log entries since Oct 20 2024, growing and growing. What is going on?
btw i did not modify any config files in crowdsecurity/apache2-logs and crowdsecurity/geoip-enrich