diff --git a/docker/README.md b/docker/README.md index 4719cd6ac..ec5b9917e 100644 --- a/docker/README.md +++ b/docker/README.md @@ -75,8 +75,7 @@ If you want to be able to restart/stop your container and keep the same DB `-v / * `PARSERS` - Parsers to install from the [hub](https://hub.crowdsec.net/browse/#configurations), separated by space : `-e PARSERS="crowdsecurity/http-logs crowdsecurity/modsecurity"` * `POSTOVERFLOWS` - Postoverflows to install from the [hub](https://hub.crowdsec.net/browse/#configurations), separated by space : `-e POSTOVERFLOWS="crowdsecurity/cdn-whitelist"` * `CONFIG_FILE` - Configuration file (default: `/etc/crowdsec/config.yaml`) : `-e CONFIG_FILE=""` -* `FILE_PATH` - Process a single file in time-machine : `-e FILE_PATH=""` -* `JOURNALCTL_FILTER` - Process a single journalctl output in time-machine : `-e JOURNALCTL_FILTER=""` +* `DSN` - Process a single source in time-machine : `-e DSN="file:///var/log/toto.log"` or `-e DSN="cloudwatch:///your/group/path:stream_name?profile=dev&backlog=16h"` or `-e DSN="journalctl://filters=_SYSTEMD_UNIT=ssh.service"` * `TYPE` - [`Labels.type`](https://docs.crowdsec.net/Crowdsec/v1/references/acquisition/) for file in time-machine : `-e TYPE=""` * `TEST_MODE` - Only test configs (default: `false`) : `-e TEST_MODE=""` * `TZ` - Set the [timezone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) to ensure logs have a local timestamp. diff --git a/docker/docker_start.sh b/docker/docker_start.sh index f7061548b..741dda4aa 100644 --- a/docker/docker_start.sh +++ b/docker/docker_start.sh @@ -45,12 +45,10 @@ ARGS="" if [ "$CONFIG_FILE" != "" ]; then ARGS="-c $CONFIG_FILE" fi -if [ "$FILE_PATH" != "" ]; then - ARGS="$ARGS -file $FILE" -fi -if [ "$JOURNALCTL_FILTER" != "" ]; then - ARGS="$ARGS -jfilter $JOURNALCTL_FILTER" +if [ "$DSN" != "" ]; then + ARGS="$ARGS -dsn ${DSN}" fi + if [ "$TYPE" != "" ]; then ARGS="$ARGS -type $TYPE" fi