Hmm, looking at things further, I am not getting any bans either. I don’t think it’s actually parsing any logs. Manual bans work fine.
│ Acquisition Metrics
│ Source │ Lines read │ Lines parsed │ Lines unparsed │ Lines poured to bucket │ Lines whitelisted │
│ file:/var/log/traefik/access.log │ 1.71k │ - │ 1.71k │ -
Edit: I added crowdsecurity/linux to the collections, and now all is working!