beenull/crowdsec
1
0
Fork 0
Code Issues Pull requests Packages Projects Releases Wiki Activity
crowdsec/pkg/leakybucket/tests/simple-bayesian-bucket/bucket.yaml
Emanuel Seemann 40e6b205bc
Add bayesian bucket type (#2290)
2023-06-21 15:08:27 +02:00

19 lines
533 B
YAML
Raw Blame History

type: bayesian
name: test/simple-bayesian
debug: true
description: "bayesian bucket"
filter: "evt.Meta.log_type == 'http_access-log' || evt.Meta.log_type == 'ssh_access-log'"
groupby: evt.Meta.source_ip
bayesian_prior: 0.5
bayesian_threshold: 0.8
bayesian_conditions:
- condition: any(queue.Queue, {.Meta.http_path == "/"})
prob_given_evil: 0.8
prob_given_benign: 0.2
- condition: any(queue.Queue, {.Meta.ssh_user == "admin"})
prob_given_evil: 0.9
prob_given_benign: 0.5
leakspeed: 30s
capacity: -1
labels:
type: overflow_1
Reference in a new issue View git blame Copy permalink