Warning "sqlite without WAL...." and cannot update community blocklist

vandt-WZ · November 24, 2022, 6:58pm

Hi Team Crowdsec,

I upgraded version from 1.3.8 → 1.4.2. I restart crowdsec and see warning. How can i fix it ?
I new user so i cant attach image to topic

crowdsec[89142]: time=“2022-11-24T23:39:04+07:00” level=warning msg=“You are using sqlite without WAL, this can have a…warning.”
Nov 24 23:39:04 : time=“2022-11-24T23:39:04+07:00” level=warning msg=“Deprecation warning: the pid_dir config can be sa…required”
Nov 24 23:39:05 time=“2022-11-24T23:39:05+07:00” level=warning msg=“You are using sqlite without WAL, this can have a…warning.”
Nov 24 23:39:05 time=“2022-11-24T23:39:05+07:00” level=warning msg=“Deprecation warning: the pid_dir config can be sa…required”

Crowdsec log
time=“25-11-2022 01:39:26” level=info msg=“Starting community-blocklist update”
time=“25-11-2022 01:39:35” level=info msg=“capi/community-blocklist : 0 explicit deletions”
time=“25-11-2022 01:39:35” level=warning msg=“sqlite is not using WAL mode, LAPI might become unresponsive when inserting the community blocklist”
time=“25-11-2022 01:39:36” level=info msg=“crowdsecurity/community-blocklist : added 18890 entries, deleted 0 entries (alert:6)”
time=“25-11-2022 01:43:54” level=info msg=“capi metrics: metrics sent successfully”

Alerts dont see update community blocklist

ID │ value │ reason │ country │ as │ decisions │ created_at │
├────┼───────────────────┼───────────────────────────────────┼─────────┼─────────────────┼───────────┼─────────────────────────────────────────┤
│ 5 │ Ip:185.234.75.159 │ crowdsecurity/http-open-proxy │ US │ 7489 HostUS │ ban:1 │ 2022-11-24 17:44:42.761322964 +0000 UTC │
│ 4 │ Ip:103.131.71.127 │ crowdsecurity/http-bad-user-agent │ VN │ 45899 VNPT Corp │ ban:1 │ 2022-11-24 16:49:39.709134511 +0000 UTC │
│ 3 │ Ip:103.131.71.147 │ crowdsecurity/http-bad-user-agent │ VN │ 45899 VNPT Corp │ ban:1 │ 2022-11-24 16:49:30.1803368 +0000 UTC │
│ 2 │ Ip:103.131.71.145 │ crowdsecurity/http-bad-user-agent │ VN │ 45899 VNPT Corp │ ban:1 │ 2022-11-24 16:49:26.169507244 +0000 UTC │
│ 1 │ Ip:103.131.71.160 │ crowdsecurity/http-bad-user-agent │ VN │ 45899 VNPT Corp │ ban:1 │ 2022-11-24 16:49:22.158959268 +0000 UTC │

smu44 · November 25, 2022, 5:21am

Hi,

About WAL: you can insert the following line in /etc/crowdsec/config.yaml, section db_config:

use_wal: true

Then restart Crowdsec using systemctl restart crowdsec.

vandt-WZ · November 26, 2022, 3:46am

Hi Smu44,

Thanks so much. With your guide, my problem’s gone

Rhandyx · December 9, 2022, 8:56pm

i have same issue .Thankyou

Ouahibh · May 8, 2023, 8:21am

Hi,
I have the same issue in opnsense, how I can set use_wal:true there.
Thank you

Cyrille37 · May 8, 2023, 12:49pm

Ouahibh · May 8, 2023, 1:59pm

Hi, thankyou.
Ok, but where I do do this?
Sincerely I don’t now how to edit the config.yaml file in my installation i.e opnsense

iiAmLoz · May 9, 2023, 8:39am

You should be able to ssh into the machine?

Ouahibh · May 9, 2023, 4:34pm

Hi Cyrille37, Hi iiAmLoz, Hi everyone,
I have test the path with the shell of Opnsense, I don’t found any directory named Crowdsec.

Ouahibh · May 10, 2023, 8:44am

Hi Cyrille37, I looked in /etc in opnsense no trace of Crowdsec.

iiAmLoz · May 10, 2023, 8:53am

Opnsense is abit different so it should be

/usr/local/etc/crowdsec/

Ouahibh · May 10, 2023, 10:03am

Hi iiAmLoz,
Thanks for your assistance, I have edited the config.yaml in /usr/local/etc/crowdsec/ folder, bat I don’t found use_wal: in the db_config; section, that’s whay I have added it, I have restarted Crwodsec with the GUI, systemctl restart crowdsec don’t work with my consol.
Now it returns :
FATA[10-05-2023 10:51:54] /usr/local/etc/crowdsec/config.yaml: yaml: line 45: did not find expected key

When I try “cscli bouncers list” or "cscli decisions list -a " commands

iiAmLoz · May 10, 2023, 10:10am

So the yaml should look like

db_config:
  use_wal: true

Please note the indentation matters

Ouahibh · May 10, 2023, 6:18pm

Hi iiAmLoz, Hi everyone,

All think is ok, thankyou very much.