[PATCH] remove broken scenario `ban-report-ssh_bf_report` (#181)

author Thibault "bui" Koechlin <thibault@crowdsec.net>

Fri, 12 Mar 2021 15:01:53 +0000 (16:01 +0100)

committer Peter Michael Green <plugwash@raspbian.org>

Sat, 8 May 2021 13:10:12 +0000 (14:10 +0100)
author Thibault "bui" Koechlin <thibault@crowdsec.net>
Fri, 12 Mar 2021 15:01:53 +0000 (16:01 +0100)
committer Peter Michael Green <plugwash@raspbian.org>
Sat, 8 May 2021 13:10:12 +0000 (14:10 +0100)
diff --git a/hub1/.index.json b/hub1/.index.json

index 785da1fafb27e0bc8ad7b017960681c54bf024cf..b78978cdfc48e0a2db0a6d5db35086e6a6d29465 100644 (file)
--- a/hub1/.index.json
+++ b/hub1/.index.json
@@ -732,27 +732,6 @@
      "remediation": "true"
     }
    },
-  "crowdsecurity/ban-report-ssh_bf_report": {
-   "path": "scenarios/crowdsecurity/ban-report-ssh_bf_report.yaml",
-   "version": "0.2",
-   "versions": {
-    "0.1": {
-     "digest": "0a7bc501a12b4a8aff250d95d3a08dd0f53ad9eb874ac523ba9c628302749c4d",
-     "deprecated": false
-    },
-    "0.2": {
-     "digest": "34d80ea3e271c1c1735e55076610063b137a2311a11d51fecff93715b9a4ac39",
-     "deprecated": false
-    }
-   },
-   "long_description": "Q291bnQgdGhlIG51bWJlciBvZiB1bmlxdWUgaXBzIHRoYXQgcGVyZm9ybWVkIHNzaF9icnV0ZWZvcmNlcywgcmVwb3J0IGV2ZXJ5IDEwIG1pbnV0ZXMuCg==",
-   "content": "dHlwZTogY291bnRlcgpuYW1lOiBjcm93ZHNlY3VyaXR5L2Jhbi1yZXBvcnRzLXNzaF9iZl9yZXBvcnQKZGVzY3JpcHRpb246ICJDb3VudCB1bmlxdWUgaXBzIHBlcmZvcm1pbmcgc3NoIGJydXRlZm9yY2UiCiNkZWJ1ZzogdHJ1ZQpmaWx0ZXI6ICJldnQuT3ZlcmZsb3cuQWxlcnQuU2NlbmFyaW8gPT0gJ3NzaF9icnV0ZWZvcmNlJyIKZGlzdGluY3Q6ICJldnQuT3ZlcmZsb3cuQWxlcnQuU291cmNlLklQIgpjYXBhY2l0eTogLTEKZHVyYXRpb246IDEwbQpsYWJlbHM6CiAgc2VydmljZTogc3NoCg==",
-   "description": "Count unique ips performing ssh bruteforce",
-   "author": "crowdsecurity",
-   "labels": {
-    "service": "ssh"
-   }
-  },
    "crowdsecurity/dovecot-spam": {
     "path": "scenarios/crowdsecurity/dovecot-spam.yaml",
     "version": "0.1",
diff --git a/hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.md b/hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.md

deleted file mode 100644 (file)

index a8dfb90..0000000
--- a/hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.md
+++ /dev/null
@@ -1 +0,0 @@
-Count the number of unique ips that performed ssh_bruteforces, report every 10 minutes.
diff --git a/hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.yaml b/hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.yaml

deleted file mode 100644 (file)

index 3f26040..0000000
--- a/hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.yaml
+++ /dev/null
@@ -1,10 +0,0 @@
-type: counter
-name: crowdsecurity/ban-reports-ssh_bf_report
-description: "Count unique ips performing ssh bruteforce"
-#debug: true
-filter: "evt.Overflow.Alert.Scenario == 'ssh_bruteforce'"
-distinct: "evt.Overflow.Alert.Source.IP"
-capacity: -1
-duration: 10m
-labels:
-  service: ssh
author	Thibault "bui" Koechlin <thibault@crowdsec.net>
	Fri, 12 Mar 2021 15:01:53 +0000 (16:01 +0100)
committer	Peter Michael Green <plugwash@raspbian.org>
	Sat, 8 May 2021 13:10:12 +0000 (14:10 +0100)
hub1/.index.json		patch \| blob \| history
hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.md	[deleted file]	patch \| blob \| history
hub1/scenarios/crowdsecurity/ban-report-ssh_bf_report.yaml	[deleted file]	patch \| blob \| history