Create a subfolder in your main appdata folder, used to tell services, and crowdsec, to write log files in it. These log files will be centralized and analyzed by crowdsec. In this guide, this subfolder is named "shared/crowdsec" (appdata/shared/crowdsec).
Go to apps tab in unraid, and install the container crowdsec from Ibracorp.
- Port : The port Crowdsec is using.
- appdata : Your Crowdsec appdata folder (usually appdata/crowdsec).
- data : The data folder your Crowdsec container will be using (subfolder in your crowdsec appdata folder).
- syslog path : not relevant (I think), leave it as default.
- COLLECTIONS : The collections Crowdsec will use, for example crowdsecurity/traefik for Traefik, LePresidente/authelia for authelia. Do not use quote marks " as this will cause issues with newer versions. It works fine without them.
- var log : crowdsec's log folder, map this to a subfolder in your shared folder (appdata/shared/crowdsec).
- auth logs to be analyzed (optional it seems): map this to a subfolder in your crowdsec shared folder (appdata/shared/crowdsec/auth for example). This value doesn't seem to be used in this unraid docker scenario, and is more relevant to a SSH config.
- crowdsec logs to analyze : map it to your crowdsec shared folder (appdata/shared/crowdsec).
: crowdsecurity/traefik crowdsecurity/http-cve