What is the proper way to get logs from a Self Hosted Docker instance in JSON format?
I'm looking to get a Crowdsec parser for Zitadel logs working to take the remote IP from failed instances and ban them.
It requires knowing that (1) you can see that an attempt was made at a certain time frame and (2) the origin IP of the request in JSON format.
Normally I use use the
However, looking at the logs in
I tried looking at the docs in https://zitadel.com/docs/guides/integrate/zitadel-apis/event-api#example-get-failed-login-attempt
However, I can't quite connect the dots to get it to work with Crowdsec. I don't know if it can even use curl to pull logs. The other method is pulling from log files, but it doesn't seem like Zitadel does that. So I'm at a loss as to how to get this work. Are there any suggestions.
It requires knowing that (1) you can see that an attempt was made at a certain time frame and (2) the origin IP of the request in JSON format.
Normally I use use the
docker logs <container> stream using Crowdsecs built in way of collecting that data. For exampleHowever, looking at the logs in
docker logs <zitadel-container>, it is not in JSON, and there is no source IP.I tried looking at the docs in https://zitadel.com/docs/guides/integrate/zitadel-apis/event-api#example-get-failed-login-attempt
However, I can't quite connect the dots to get it to work with Crowdsec. I don't know if it can even use curl to pull logs. The other method is pulling from log files, but it doesn't seem like Zitadel does that. So I'm at a loss as to how to get this work. Are there any suggestions.
ZITADEL leverages the power of eventsourcing, meaning every action and change within the system generates a corresponding event that is stored in the database.
