Skip to content

Commit bd5b8d9

Browse files
author
jdv
committed
mini clean and content+
1 parent 478609f commit bd5b8d9

File tree

1 file changed

+21
-2
lines changed

1 file changed

+21
-2
lines changed

crowdsec-docs/unversioned/getting_started/post_installation/health_check.mdx

Lines changed: 21 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -159,6 +159,22 @@ If not, check the troubleshooting section below
159159

160160
<details id="troubleshooting_service">
161161
<summary>CrowdSec Service Troubleshooting: is the CrowdSec service running?</summary>
162+
Make sure the CrowdSec service is running properly. You can check the status of the service with the following command:
163+
<CodeBlock className="language-bash">sudo systemctl status crowdsec</CodeBlock>
164+
- You should see the service status as "active (running)".
165+
166+
If the service is not running, you can start it with the following command:
167+
<CodeBlock className="language-bash">sudo systemctl start crowdsec</CodeBlock>
168+
169+
If the service fails to start, you can check the logs for more information:
170+
<CodeBlock className="language-bash">sudo journalctl -u crowdsec</CodeBlock>
171+
172+
Reasons for the service not running can include:
173+
- Misconfiguration in the `config.yaml` file.
174+
- Port conflicts with other services. By default, CrowdSec uses port 8080 for the Local API (LAPI) and port 6060 for the Local API metrics.
175+
- The port configuration can be setup in `config.yaml` file or by setting the environment variables depending on your implementation
176+
- Insufficient permissions to access the log files or directories.
177+
- Acquisition files format errors.
162178

163179
</details>
164180
</details>
@@ -193,7 +209,10 @@ The CAPI allows your instance to receive a curated blocklist of malicious IP add
193209
- If this test fail, try to enrol to the console to check what's going on.
194210

195211
Other common issues that can prevent your Security Engine from connecting to the CAPI include:
196-
- online api credentials exist in `/etc/crowdsec/config/online_api_credentials.yaml` (default path)
212+
- Check that the online api credentials `online_api_credentials.yaml` exist in your crowdsec config directory
213+
- If they don't exist, you can create them by running the command:
214+
<CodeBlock className="language-bash">sudo cscli capi register</CodeBlock>
215+
- Check that the `crowdsec` service is running and properly configured to connect to the CAPI.
197216
- Firewall rules blocking outbound connections to the CrowdSec Central API.
198217
- DNS resolution issues.
199218
- Proxy server configuration.
@@ -214,7 +233,7 @@ For now, we will perform a manual test by temporarily banning your own IP addres
214233

215234
<details>
216235
<summary>✋🏻 Bouncer Remediation test</summary>
217-
236+
218237
This test involves manually creating a ban decision against your own public IP address for a very short period (1 minute).
219238

220239
::danger BE CAREFUL: Risk of Self-Lockout

0 commit comments

Comments
 (0)