amavis Collection by crowdsecurity

« amavis »Collection
v0.1 by crowdsecurity

amavis support : parser and blocking scenario

Installation

cscli collections install crowdsecurity/amavis

Source code

A collection for Amavis :

Example acquisition for this collection :

File based

filenames:
  - /var/log/amavis.log
  - /var/log/maillog
labels:
  type: syslog

Journalctl based

---
source: journalctl
journalctl_filter:
  - "SYSLOG_IDENTIFIER=amavis"
labels:
  type: syslog

Content

Hub collection