# ssh bruteforce
type: leaky
debug: true
name: test/simple-leaky
description: "Simple leaky"
filter: "evt.Line.Labels.type =='testlog'"
leakspeed: "0.5s"
capacity: 2
groupby: evt.Meta.source_ip
labels:
 type: overflow_1