Skip to main content

Introduction

This section displays all the CrowdSec Security Engines available in an Organization. This feature provides a quick overview of the organization's security status and allows the management of all the Security Engines remotely.

If you haven't signed up for Security Engines, check out the "Getting Started" guide.

Security_engines_page

Table viewโ€‹

Different views are available based on the number of engines in an organization. If an organization have more than four engines, table views work best. (See below)

Table_view

Security Engine Cardโ€‹

Each Security Engine has a card that displays essential details to facilitate monitoring issues in a stack.

  • Name: Clicking on the name will redirect to the detailed page of the Security Engine.
  • IP: Clicking on the IP will copy it to the clipboard.
  • Enroll Date
  • Tags: Add custom tags to the engines by using the "doc" tag format.
  • Alerts / Scenarios / Remediation Components / Blocklists / Log Processors (Distributed Setup only): Clicking any items will redirect to a dedicated section with relevant information.
  • Activity: This feature helps focus on Security Engines that require your attention. The "Troubleshoot" feature can identify problems in your stack by analyzing past engine activity.
  • Distributed Setup: These are considered Distributed Setup Engines when multiple log processors are attached. (Get more info here)

Basic Cardโ€‹

Basic_card

Distributed Setup Cardโ€‹

Distributed_setup_card

Security Engines Inactivityโ€‹

In our system, Security Engines are only displayed if there have been activity references within the last 30 days. If no recent activity is associated with a Security Engine, it will not be shown in the interface. This helps ensure well-presented data with relevant and up-to-date information regarding security activities.