Observability in security software is crucial, especially when this software might take important decision such as blocking IP addresses.
We attempt to provide good observability of Crowdsec's behavior :
- Crowdsec itself exposes a prometheus instrumentation
- cscli allows you to view part of prometheus metrics in cli (
- Crowdsec logging is contextualized for easy processing
- for humans, cscli allows you to trivially start a service exposing dashboards (using metabase)
Furthermore, most of Crowdsec configuration should allow you to enable partial debug (ie. per-scenario, per-parser etc.)