kaffa/obsidian
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

deprecate anomaly-detect (오탐 다수로 인스턴스까지 제거)

Browse Source 
원인: Grok-4-fast agentic 분석기가 더미 IP(1.1.1.1, 1.2.3.4 시퀀스),
Cloudflare 엣지 IP(172.70.x), 자체 Linode IDC 대역(45.79.x)을
path-enumeration으로 오탐 ban. 같은 기간 hub 시나리오는 진짜 스캐너
1건(India SoloRDP)을 정확히 잡음.

작업:
- infra/platform/anomaly-detect.md → deprecated stub
- history/2026-04-25-anomaly-detect-removal.md 신규 (폐기 사유, 재가동 조건 정리)
- crowdsec-safeline.md acquisition 다이어그램에서 anomaly-detect 분기 제거
- infra/compute/infra-hosts.md hp2 default 5→4 갱신
- infra/platform/_index.md, history/_index.md 인덱스 갱신
- infra/security/vault.md apps 목록에서 항목 제거 (apps/anomaly-detect 경로는 비어있음, 유지)

보존:
- Vault secret/ai/openrouter (다른 서비스 공용 가능성)
- Gitea kaffa/anomaly-detect repo (재구축 reference)
This commit is contained in:
kaffa
2026-04-25 15:00:13 +09:00
parent ffdabc994b
commit 46cb3236d3
7 changed files with 94 additions and 171 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
infra/security/crowdsec-safeline.md
View File

@@ -43,9 +43,12 @@ Netbis NPM 6대 nginx file → Vector → zlambda─┘
CrowdSec victorialogs acquisition (tail, 실시간, 단일 query OR로 통합)
→ custom/apisix-json-logs 파서 + crowdsecurity/nginx-logs (NPM 호환)
+ anomaly-detect (5분 폴링, AI 분석)
```
> [!note] anomaly-detect 분기 제거 (2026-04-25)
> 기존 `+ anomaly-detect (5분 폴링, AI 분석)` 분기는 폐기. [[../platform/anomaly-detect|anomaly-detect]] 인스턴스 완전 제거. [[../../history/2026-04-25-anomaly-detect-removal|history]]
| 항목 | 값 |
|------|-----|
| VictoriaLogs | `vl.inouter.com` (K3s logging ns, Traefik IngressRoute) |

2
infra/security/vault.md
View File

@@ -32,7 +32,7 @@ Vault root token은 만료 없음 (TTL: 0s)
| 카테고리 | 경로 | 내용 |
|----------| ai/ | brave, context7, deepseek, google/drive-mcp, openai, openrouter, pinecone, testsprite, vertex |
| apps/ | anomaly-detect, cfb-manager, cf-multisite, discord, figma, gitea, gitea/registry, k3s, myapp, n8n, nocodb, ops-agents-ssh, outline, portainer, postgres, sftpgo, telegram-ai-support, trader, twilio, waf-saas |
| apps/ | cfb-manager, cf-multisite, discord, figma, gitea, gitea/registry, k3s, myapp, n8n, nocodb, ops-agents-ssh, outline, portainer, postgres, sftpgo, telegram-ai-support, trader, twilio, waf-saas (anomaly-detect 폐기 2026-04-25 — apps 경로는 비어있음, 유지) |
| auth/ | api-keys/openai, api-keys/stripe, github/oauth-gitea, google/ca/external-account-key, google/ca/service-account, google/oauth-gitea |
| cloud/ | alibaba, aws, backblaze, backblaze/restic, bunnycdn, cloudflare, cloudflare-netbis, cloudflare/r2, cloudflare/turnstile-crowdsec-captcha, cloudflare/turnstile-inouter-bunny, latitude, lightsail, linode, r2-gitea, r2-multisite, r2-sftpgo, supabase, vultr, zenlayer |
| company/ | bank, info, ironclad, korbit, koreaexim, popbill |