You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: crowdsec-docs/docs/getting_started/intro.md
+3-3Lines changed: 3 additions & 3 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -19,9 +19,9 @@ See [Version Matrix](/getting_started/versions_matrix.md) for a list of supporte
19
19
## Why is my Security Engine classed as a "log processor" within the console?
20
20
21
21
The `Security Engine` comes compiled with a number of core components that can be enabled or disabled at runtime.
22
+
One of these features is called the **"LAPI"** (Local API) and other one is the **"log processor"**.
22
23
23
-
One of these features is called the "LAPI" (Local API). If this feature is disabled at runtime, the Security Engine will be classed as a "log processor" within the console as it will only be able to process logs and forward the alerts to the local API you define in the configuration.
24
+
A single `Security Engine` can run in autonomous mode where it handles reading logs (or requests) and processing them as well as handling alerts and other task on its own **"LAPI"**.
25
+
For **scaling** or **perimeter segmentation** reasons you might want to have a distributed setup. In that case multiple `Security Engines` process logs and send alerts to a central one's **"LAPI"**. In that distributed case you'll see **"log processors"** attached to the central `Security Engines` in the console UI.
24
26
25
27
Read more about the [Log Processor](log_processor/intro.mdx) and the [Local API](local_api/intro.md).
26
-
27
-
Most commonly this is the case when you are running in a distributed setup, where you have a central server that is running the LAPI and a number of remote servers that are running the "Log processors".
Copy file name to clipboardExpand all lines: crowdsec-docs/unversioned/integrations/genericvendor.mdx
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,23 +1,23 @@
1
1
---
2
2
id: genericfirewall
3
-
title: Generic Firewall
3
+
title: Generic Firewall (Raw IP-list)
4
4
---
5
5
importThemedImagefrom"@theme/ThemedImage";
6
6
importuseBaseUrlfrom"@docusaurus/useBaseUrl";
7
7
8
-
The CrowdSec Generic Firewall integration allows you to block malicious IPs in your Firewall. This guide will walk you through the steps to integrate CrowdSec blocklists with your Firewall.
8
+
The CrowdSec Raw IP List (or Generic Firewall) integration allows you to block malicious IPs in your Firewall. This guide will walk you through the steps to integrate CrowdSec blocklists with your Firewall.
9
9
10
10
### Prerequisites
11
11
12
-
Before you begin, please ensure your Generic Firewall device supports ingesting blocklists. If you are unsure, please refer to the Generic Firewall documentation or contact Generic Firewall support.
12
+
Before you begin, please ensure your device supports ingesting the raw IP format (one ip per line).
13
13
14
14
### Steps
15
15
16
16
We will presume you followed the [Getting Started](integrations/intro.mdx) guide and have created an account on the CrowdSec Console.
17
17
18
18
Once you are authenticated, you can proceed to the Blocklist tab located on the top menu bar, from there you can select the Integrations sub menu.
19
19
20
-
Once the page has loaded, you can click the "Connect" button under the Generic Firewall logo.
20
+
Once the page has loaded, you can click the "Connect" button under the Raw IP List (or Generic Firewall) logo.
0 commit comments