In this post I will explain how you can configure CrowdSec to send alerts to a Discord server. In this post you will not require to install anything extra; as we will be taking advantage of the inbuilt http notification plugin. You will however need a Discord server where you are an administrator.
If you don’t know what CrowdSec is; it advertises itself as a:
open-source and participative IPS
It basically allows us to have a system to help protect against known bad actors and malicious behaviors. A very important thing to have on any public facing machine.
Let’s move on to setting up the alerts.
First we will need to make a new Webhook on your selected Discord server to receive the alerts. You can do this by:
- Open Server Settings
- Click on Integrations
- Click on Webhooks
- Click “New Webhook”
Now you have created the Webhook; feel free to customise the name and what channel you want to send alerts to. After you have done that click on the “Copy Webhook URL” button and save it somewhere safe temporarily, we will need this later.
Next we need to access the server that CrowdSec is running on and navigate into the CrowdSec config folder, this is generally found in:
We can then copy the below text into a file called “discord.yaml” inside the “notifications” directory.
Replace the indicated url field with the Webhook url we generated earlier.
If any alerts are created they still won’t appear on Discord, this is because we have to tell CrowdSec when and where we want a notification to appear. We do this in the “profiles.yaml” file. As you can see in the example config the discord notification is added in the “notifications” section. Depending on your setup you may have different profiles setup.
After that it’s best to restart CrowdSec to ensure the new settings are loaded:
After this applies and you find yourself getting too many messages; you may want to move the notification to it’s own profile and set filters to only alert you to specific scenarios.
This is an example of the message you will get on Discord when there is an alert:
As you can see CrowdSec allows us to easily extend it; ensuring it is exactly setup how we want. I hope you enjoyed reading this article and found it useful.
This post was not endorsed or sponsored by any of the mentioned parties. My views are my own.
Looking for more self-hosted related content or programming help, join the Enchanted People community here: