cscli collections install crowdsecurity/iptablesA collection for portscan detection via iptables/nftables :
-j LOG)Example acquisition for this collection :
1filenames:2 - /var/log/kern.log3labels:4 type: syslog
Debian 12 example (without rsyslog)
1source: journalctl2journalctl_filter:3 - "-k"4labels:5 type: syslog
notes :