feat(crowdsec): 启用验证码挑战

apps/infra/monitor/crowdsec/helmchart.yaml

@@ -62,6 +62,7 @@ spec:
         data:
           enabled: false
     config:
+      # api config.yaml配置
       config.yaml.local: |
         db_config:
           type: postgresql
@@ -71,6 +72,32 @@ spec:
           user: app
           password: nyrHzh9WWlDZzvVw7bDFo74gKb9zsls0Sy7OwRTDWiRTNPQQQkW85taUFAoX2AIC
           sslmode: require
+      # api profiles.yaml配置
+      profiles.yaml:
+        name: captcha_remediation
+        filters:
+          - Alert.Remediation == true && Alert.GetScope() == "Ip" && Alert.GetScenario() contains "http" && GetDecisionsSinceCount(Alert.GetValue(), "24h") <= 3
+        decisions:
+          - type: captcha
+            duration: 4h
+        on_success: break
+        ---
+        name: default_ip_remediation
+        filters:
+          - Alert.Remediation == true && Alert.GetScope() == "Ip"
+        decisions:
+          - type: ban
+            duration: 4h
+        on_success: break
+        ---
+        name: default_range_remediation
+        filters:
+          - Alert.Remediation == true && Alert.GetScope() == "Range"
+        decisions:
+          - type: ban
+            duration: 4h
+        on_success: break
+      # agent parsers 配置
       parsers:
         s01-parse:
           # 新增nginx json日志解析