41 lines
1.2 KiB
YAML
41 lines
1.2 KiB
YAML
crowdsec: &crowdsec_config
|
|
# for raw logs format: json or cri (docker|containerd)
|
|
container_runtime: docker
|
|
agent:
|
|
# Specify each pod whose logs you want to process
|
|
acquisition:
|
|
# The namespace where the pod is located
|
|
- namespace: kube-system
|
|
# The pod name
|
|
podName: traefik-*
|
|
# as in crowdsec configuration, we need to specify the program name to find a matching parser
|
|
program: traefik
|
|
env:
|
|
- name: COLLECTIONS
|
|
value: "crowdsecurity/traefik crowdsecurity/http-cve"
|
|
lapi:
|
|
env:
|
|
# To enroll the Security Engine to the console
|
|
- name: ENROLL_KEY
|
|
value: "cmieq72i3000802jr1wx8kply"
|
|
- name: ENROLL_INSTANCE_NAME
|
|
value: "homelab"
|
|
- name: ENROLL_TAGS
|
|
value: "k3s rpi test"
|
|
appsec:
|
|
enabled: true
|
|
resources:
|
|
limits:
|
|
cpu: "500m"
|
|
memory: "300Mi"
|
|
requests:
|
|
cpu: "100m"
|
|
memory: "200Mi"
|
|
|
|
tool:
|
|
# kind: 'SubChart' or 'HelmChart', if subchart then uncomment Chart.yaml dependency, else comment and use tool library with helm chart template
|
|
kind: 'SubChart'
|
|
repo: https://crowdsecurity.github.io/helm-charts
|
|
chart: crowdsec
|
|
version: 0.20.1
|
|
values: *crowdsec_config |