Flowtriq + CrowdSec
Feed DDoS attacker IPs from Flowtriq into CrowdSec's community blocklist. Parse ftagent attack logs, trigger CrowdSec ban decisions, and share threat intelligence with the CrowdSec network.
Setup
Connect in three steps
CrowdSec will begin parsing ftagent attack logs and triggering ban decisions for DDoS source IPs automatically.
Capabilities
Community-powered DDoS defense
Attack Log Parsing
CrowdSec parses ftagent attack logs to extract source IPs, attack families, and severity levels. The custom parser handles all ftagent log formats and extracts structured fields for scenario evaluation.
Automatic IP Banning
When ftagent detects a DDoS attack and logs the source IPs, CrowdSec automatically triggers ban decisions. Bans are enforced by whatever CrowdSec bouncers you have installed: iptables, nginx, HAProxy, or cloud firewalls.
Community Sharing
DDoS attacker IPs detected by your Flowtriq deployment are shared with the CrowdSec community threat intelligence network. Other CrowdSec users benefit from your detections, and you benefit from theirs.
Scenario-Based Detection
The Flowtriq scenario evaluates attack severity and frequency to make intelligent ban decisions. Configure thresholds, ban durations, and decision types to match your security policy.
Add community threat intelligence to your DDoS defense
Install the CrowdSec collection and start sharing DDoS threat intelligence in minutes.
FAQ