Observability in security software is crucial, especially when this software might take important decision such as blocking IP addresses.
We attempt to provide good observability of CrowdSec's behavior :
- CrowdSec itself exposes a prometheus instrumentation
cscliallows you to view part of prometheus metrics in cli (
- CrowdSec logging is contextualized for easy processing
- for humans,
cscliallows you to trivially start a service exposing dashboards (using metabase)
Furthermore, most of CrowdSec configuration should allow you to enable partial debug (ie. per-scenario, per-parser etc.)