# OpenWrt uHTTPd Web Server Acquisition
# This configuration monitors uHTTPd access/error logs
#
# By default, uHTTPd logs to syslog. To enable file-based logging,
# configure uHTTPd in /etc/config/uhttpd:
#
#   config uhttpd 'main'
#       option access_log '/var/log/uhttpd/access.log'
#       option error_log '/var/log/uhttpd/error.log'
#
# Required parsers:
#   cscli parsers install crowdsecurity/syslog-logs
#
# For HTTP-based attacks, consider installing:
#   cscli collections install crowdsecurity/http-cve
#   cscli scenarios install crowdsecurity/http-probing
#   cscli scenarios install crowdsecurity/http-bad-user-agent

# uHTTPd access logs
# filenames:
#   - /var/log/uhttpd/access.log
# labels:
#   type: syslog
---
# uHTTPd error logs
# filenames:
#   - /var/log/uhttpd/error.log
# labels:
#   type: syslog