cscli scenarios install Azlaroc/sftpgo-bf1type: leaky2name: Azlaroc/sftpgo-bf3description: "Detect SFTPGo bruteforce attacks on FTP/SSH"4filter: "evt.Meta.log_type == 'sftpgo_auth' && evt.Meta.is_failed_login == 'true'"5groupby: evt.Meta.source_ip6capacity: 37leakspeed: "30s"8blackhole: 5m9labels:10 service: sftpgo11 confidence: 312 spoofable: 013 classification:14 - attack.T111015 behavior: "sftp:bruteforce"16 label: "SFTPGo Bruteforce"17 remediation: true18