crowdsec/pkg/leakybucket/tests/simple-trigger-external-data/test.json

{
  "lines": [
    {
      "Line": {
        "Labels": {
          "type": "testlog"
        },
        "Raw": "xxheader VALUE1 trailing stuff"
      },
      "MarshaledTime": "2020-01-01T10:00:00+00:00",
      "Meta": {
        "source_ip": "1.2.3.4"
      },
      "Parsed": {
        "tainted_data": "AAAABBBBBBB11111XXX"
      }
    },
    {
      "Line": {
        "Labels": {
          "type": "testlog"
        },
        "Raw": "xxheader VALUE2 trailing stuff"
      },
      "MarshaledTime": "2020-01-01T10:00:00+00:00",
      "Meta": {
        "source_ip": "1.2.3.5"
      },
      "Parsed": {
        "tainted_data": "ZZZBBBBBBB11111XXX"
      }
    }
  ],
  "results": [
    {
      "Alert": {
        "sources": {
          "1.2.3.4": {
              "scope": "Ip",
              "value": "1.2.3.4",
            
            "ip": "1.2.3.4"
          }
        },
        "Alert" : {
        "scenario": "test/simple-trigger",
        "events_count": 1
        }
        
      }
    }
  ]
}