Crowdsec has a consistently large virtual memory size (1.3GB shown) meaning it could easily fill a lot of memory if something goes wrong. Can this be reduced?
Since it is essentially parsing log files and sending messages, I don’t see why it should be so big.

2022/05/03 23:43:07 version: v1.3.4-debian-pragmatic-ddfe95e45d98d1e7a6496d2499e2e44a023135be
2022/05/03 23:43:07 Codename: alphaga
2022/05/03 23:43:07 BuildDate: 2022-04-29_09:36:16
2022/05/03 23:43:07 GoVersion: 1.17.5
2022/05/03 23:43:07 Platform: linux
2022/05/03 23:43:07 Constraint_parser: >= 1.0, <= 2.0
2022/05/03 23:43:07 Constraint_scenario: >= 1.0, < 3.0
2022/05/03 23:43:07 Constraint_api: v1
2022/05/03 23:43:07 Constraint_acquis: >= 1.0, < 2.0

Hello,

Can you show the installed scenario ?
Furthermore, what backend database do you use ? Do you use some bouncers also ?

On this server (1.3GB) there is no scenario, it is LAPI only. All of my containers with scenarios are even worse:

I wasn’t aware there was a backend database? It is a fairly default install, I haven’t added one. mysqld pictured is not related.
The firewall bouncer in the screenshot has an equally large virtual memory size.

Hello,

This is actually normal because crowdsec (and the firewall bouncer) are written in go. Due to the way the go memory allocator works, a large amount of virtual memory can be allocated (see Frequently Asked Questions (FAQ) - The Go Programming Language).