crowdsec/pkg/leakybucket/tests/overflow-with-meta/test.json

{
    "lines": [
       {
          "Line": {
             "Labels": {
                "type": "testlog"
             },
             "Raw": "xxheader VALUE1 trailing stuff"
          },
          "MarshaledTime": "2020-01-01T10:00:00.000Z",
          "Meta": {
             "source_ip": "1.2.3.4",
             "uniq_key": "aaa"
          },
          "Enriched": {
             "ASNumber": "1234",
             "IsoCode": "FR",
             "ASNOrg": "random AS"
          }
       },
       {
          "Line": {
             "Labels": {
                "type": "testlog"
             },
             "Raw": "xxheader VALUE1 trailing stuff"
          },
          "MarshaledTime": "2020-01-01T10:00:00.000Z",
          "Meta": {
             "source_ip": "1.2.3.4",
             "uniq_key": "aaa"
          },
          "Enriched": {
             "ASNumber": "1234",
             "IsoCode": "FR",
             "ASNOrg": "random AS"
          }
       }
      ],
      "results" : [
         {
            "Alert": {
               "Sources": {
                  "1.2.3.4": {
                     "as_name": "random AS",
                     "as_number": "1234",
                     "cn": "FR",
                     "ip": "1.2.3.4",
                     "scope": "Ip",
                     "value": "1.2.3.4"
                  }
               },            
               "Alert" : {
                  "events_count": 1,
                  "scenario": "test/simple-trigger"
               }
            }
         },
         {
            "Alert": {
               "Sources": {
                  "1.2.3.4": {
                     "as_name": "random AS",
                     "as_number": "1234",
                     "cn": "FR",
                     "ip": "1.2.3.4",
                     "scope": "Ip",
                     "value": "1.2.3.4"
                  }
               },            
               "Alert" : {
                  "events_count": 1,
                  "scenario": "test/simple-trigger"
               }
            }
            
         }
      ]
 }