Details page
Introduction
This page will reference information about a specific Security Engine. This page is your one-stop resource for understanding everything related to the Security Engine you're interested in.
Usage
Summary�
At the top of the page, the essential information regarding the Security Engine is referenced. This includes the IP address, ID, last activity, tags, and the current version. This page will notify if the Security Engine is not running the latest CrowdSec version. To identify outdated Security Engines, you can also utilize the Troubleshooting feature.
Quick actions are available from the summary to apply changes to your Security Engine.
Log Processors
The Log Processors section will only be displayed if the Security Engines have multiple log processors, indicating a Distributed Setup. Here, you can access all essential information regarding the log processors and their current version.
A warning will be displayed if any Security Engine has an outdated version.
Blocklists
The Blocklists section will display all blocklists associated with the Security Engine. This section will provide information about the blocklist, including the number of IPs, the last update, and the number of false positives.
See the blocklist documentation to install your first one.
Scenarios
To view all installed scenarios on the Security Engine, navigate to the Scenarios section. Here, each scenario will display the triggered alerts, easily accessible on the HUB with just one click.
For additional scenarios, visit the CrowdSec HUB.
By clicking on a scenario, you can access essential information about the scenario and be redirected to the corresponding page in the CrowdSec HUB. This provides direct access to the necessary details.
Remediation components
The remediation component in CrowdSec will apply either the decisions made by CrowdSec or the custom decisions. The complete list of decisions from the dedicated section is available at the bottom of the page.
Inactive remediation components
Remediation components are meant to block attackers. Having inactive remediation component can compromise the security of your Security Engine, as they cannot apply decisions.
