Observability in security software is crucial, especially when this software might take important decision such as blocking IP addresses.
We attempt to provide good observability of crowdsec-agent's behavior :
- crowdsec-agent itself exposes a prometheus instrumentation
- Cscli allows you to view part of prometheus metrics in cli (
- crowdsec-agent logging is contextualized for easy processing
- for humans, cscli allows you to trivially start a service exposing dashboards (using metabase)
Furthermore, most of crowdsec-agent configuration should allow you to enable partial debug (ie. per-scenario, per-parser etc.)