crowdsecurity · rr404 · Nov 20, 2025 · Nov 20, 2025 · Nov 20, 2025 · Nov 21, 2025
diff --git a/crowdsec-docs/docusaurus.config.ts b/crowdsec-docs/docusaurus.config.ts
@@ -6,6 +6,8 @@ import { themes } from "prism-react-renderer";
 import tailwindPlugin from "./plugins/tailwind-config";
 import { ctiApiSidebar, guidesSideBar, remediationSideBar } from "./sidebarsUnversioned";
 
+const extractPreprocessor = require("./plugins/extract-preprocessor");
+
 const generateCurrentAndNextRedirects = (s) => [
 	{
 		from: `/docs/${s}`,
@@ -220,6 +222,7 @@ const config: Config = {
 			admonitions: true,
 			headingIds: true,
 		},
+		preprocessor:extractPreprocessor
 	},
 	stylesheets: [
 		{
@@ -290,7 +293,7 @@ const config: Config = {
 						current: {
 							path: "/next",
 						},
-					},
+					}
 				},
 				blog: {
 					showReadingTime: true,
@@ -317,7 +320,7 @@ const config: Config = {
 		["./plugins/gtag/index.ts", { trackingID: "G-0TFBMNTDFQ" }],
 		["@docusaurus/plugin-client-redirects", { redirects }],
 		tailwindPlugin,
-	],
+	]
 };
 
 export default config;
diff --git a/crowdsec-docs/plugins/extract-preprocessor.js b/crowdsec-docs/plugins/extract-preprocessor.js
@@ -0,0 +1,104 @@
+const fs = require('fs');
+const path = require('path');
+
+// --- CONFIGURATION ---
+// The directories to scan for snippets
+const DOCS_DIRS = ['./docs', './unversioned']; 
+// ---------------------
+
+const snippetRegistry = new Map();
+let isIndexed = false;
+
+// Helper: Recursively find all .md/.mdx files
+const getAllFiles = (dirPath, arrayOfFiles = []) => {
+  if (!fs.existsSync(dirPath)) return arrayOfFiles;
+
+  const files = fs.readdirSync(dirPath);
+  files.forEach((file) => {
+    const fullPath = path.join(dirPath, file);
+    if (fs.statSync(fullPath).isDirectory()) {
+      getAllFiles(fullPath, arrayOfFiles);
+    } else if (file.endsWith('.md') || file.endsWith('.mdx')) {
+      arrayOfFiles.push(fullPath);
+    }
+  });
+  return arrayOfFiles;
+};
+
+// Helper: Extract Doc ID from Frontmatter
+const getDocId = (content, filename) => {
+  const idMatch = content.match(/^---\s+[\s\S]*?\nid:\s*(.*?)\s*[\n\r]/m);
+  if (idMatch && idMatch[1]) {
+    return idMatch[1].replace(/['"]/g, '').trim();
+  }
+  return filename;
+};
+
+// --- CORE LOGIC ---
+const buildIndex = () => {
+  if (isIndexed) return;
+  console.log('[ExtractPreprocessor] ⚡ Indexing snippets via Regex...');
+
+  const allFiles = [];
+  DOCS_DIRS.forEach(dir => getAllFiles(path.resolve(process.cwd(), dir), allFiles));
+
+  let count = 0;
+
+  // Regex to find: <div data-extract="ID"> CONTENT </div>
+  // We use [\s\S]*? to match content across multiple lines (lazy match)
+  const extractRegex = /<div\s+data-extract=["']([^"']+)["'][^>]*>([\s\S]*?)<\/div>/g;
+
+  allFiles.forEach(filePath => {
+    try {
+      const content = fs.readFileSync(filePath, 'utf8');
+      const filename = path.basename(filePath, path.extname(filePath));
+      const docId = getDocId(content, filename);
+
+      let match;
+      // Loop through all matches in the file
+      while ((match = extractRegex.exec(content)) !== null) {
+        let [fullTag, extractId, snippetContent] = match;
+
+        // Clean up the content (optional: trim leading/trailing newlines)
+        snippetContent = snippetContent.replace(/^\n+|\n+$/g, '');
+
+        // Generate Key: "docId:snippetId"
+        // If the ID already has a colon, assume user provided full ID
+        const key = extractId.includes(':') ? extractId : `${docId}:${extractId}`;
+
+        snippetRegistry.set(key, snippetContent);
+        console.log(`[ExtractPreprocessor] ⚡ Indexed snippet: ${key}`);
+        count++;
+      }
+    } catch (e) {
+      console.warn(`[ExtractPreprocessor] Failed to read ${filePath}`);
+    }
+  });
+
+  isIndexed = true;
+  console.log(`[ExtractPreprocessor] ⚡ Indexed ${count} snippets.`);
+};
+
+// This function is called by Docusaurus for EVERY markdown file
+const preprocessor = ({ filePath, fileContent }) => {
+  // 1. Ensure Index exists (runs once)
+  buildIndex();
+
+  // 2. Regex to find: <div data-extract-copy="ID" />
+  // Matches <div data-extract-copy="xyz"></div> OR <div data-extract-copy="xyz" />
+  const copyRegex = /<div\s+data-extract-copy=["']([^"']+)["']\s*\/?>\s*(?:<\/div>)?/g;
+
+  // 3. Replace with content
+  return fileContent.replace(copyRegex, (match, requestedId) => {
+    if (snippetRegistry.has(requestedId)) {
+        // Return the stored snippet content
+        return snippetRegistry.get(requestedId);
+    } else {
+        console.error(`[ExtractPreprocessor] ❌ Snippet not found: "${requestedId}" in ${path.basename(filePath)}`);
+        // Return an error message in the UI so you see it
+        return `> **Error: Snippet "${requestedId}" not found.**`;
+    }
+  });
+};
+
+module.exports = preprocessor;
diff --git a/crowdsec-docs/unversioned/getting_started/installation/whm.mdx b/crowdsec-docs/unversioned/getting_started/installation/whm.mdx
@@ -148,7 +148,7 @@ Most of the time it will be a port conflict or config file error
 - Check the logs for error
   - In CrowdSec's logs sudo less /var/log/crowdsec.log: Note that it might be very verbose.
   - You can also check:  sudo journalctl -u crowdsec
-- Ultimately, you can check the [Security Engine Troubleshooting section](/troubleshooting/security_engine.mdx)
+- Ultimately, you can check the [Security Engine Troubleshooting section](/u/troubleshooting/security_engine.mdx)
 
 ### Changing port configuration
 

diff --git a/...docs/unversioned/getting_started/post_installation/acquisition_troubleshoot.mdx b/...docs/unversioned/getting_started/post_installation/acquisition_troubleshoot.mdx
@@ -21,7 +21,7 @@ The first thing to check is that the log file is found and readable by the Crowd
 
 Within the CrowdSec log file it will log if the file was found or not.
 
-Log file locations change by distribution, you can find the default log location [outlined here](/troubleshooting/security_engine.mdx#where-are-the-logs-stored).
+Log file locations change by distribution, you can find the default log location [outlined here](/u/troubleshooting/security_engine.mdx#where-are-the-logs-stored).
 
 <FormattedTabs
   bash="grep '/path/to/your/file.log' /var/log/crowdsec.log"

diff --git a/crowdsec-docs/unversioned/getting_started/post_installation/troubleshoot.mdx b/crowdsec-docs/unversioned/getting_started/post_installation/troubleshoot.mdx
@@ -9,7 +9,7 @@ import FormattedTabs from '@site/src/components/formatted-tabs';
 
 # Troubleshoot
 
-This troubleshoot section is intended to help you resolve common issues that may arise during the installation process. You can find extensive [troubleshooting documentation](/troubleshooting/intro.md) if this document does not resolve your issues.
+This troubleshoot section is intended to help you resolve common issues that may arise during the installation process. You can find extensive [troubleshooting documentation](/u/troubleshooting/intro) if this document does not resolve your issues.
 
 # Logs and Errors
 
@@ -89,6 +89,6 @@ After you have made the changes you will need to restart the CrowdSec service.
 
 ## Next Steps?
 
-If the above hasn't resolved the issue you are facing, you can find more detailed troubleshooting documentation [here](/troubleshooting/intro.md).
+If the above hasn't resolved the issue you are facing, you can find more detailed troubleshooting documentation [here](/u/troubleshooting/intro).
 
 If you have resolved the issue you can continue with the [post installation steps](/getting_started/next_steps.mdx#1-crowdsec-console-).
diff --git a/crowdsec-docs/unversioned/troubleshooting/console_issues.md b/crowdsec-docs/unversioned/troubleshooting/console_issues.md
@@ -0,0 +1,64 @@
+---
+title: Console Health Check Issues
+id: console_issues
+---
+
+The CrowdSec Console monitors the health of your CrowdSec stack *(Security Engines, Log Processors, remediation components and blocklist integrations)* and raises alerts when issues are detected.  
+This page lists all possible health check issues, their trigger conditions, and links to detailed troubleshooting guides.
+
+## Understanding Issue Criticality
+
+- 🔥 **Critical**: Immediate attention required - core functionality is impaired
+- ⚠️ **High**: Important issue that should be addressed soon - may impact protection effectiveness
+- 💡 **Recomended**: Additionnal actions that will continue improving your security posture *(comming in next iterations of Stack Health)*
+- 🌟 **Bonus** : Optimization advises and upper tier recommendation with great return on value *(comming in next iterations of Stack Health)*
+
+## Health Check Issues Overview
+<div data-extract="stackhealth_issues_list">
+
+| Issue | Criticality | Summary | Resolution |
+|-------|-------------|---------|------------|
+| **Security Engine Offline** | 🔥 Critical | Security Engine has not reported to Console for 24+ hours | [Troubleshooting](/u/troubleshooting/issue_security_engine_offline) |
+| **Engine No Alerts** | ⚠️ High | No alerts generated in the last 48 hours | [Troubleshooting](/u/troubleshooting/issue_engine_no_alerts) |
+| **Engine Too Many Alerts** | ⚠️ High | More than 250,000 alerts in 6 hours | [Troubleshooting](/u/troubleshooting/issue_engine_too_many_alerts) |
+| **Log Processor Offline** | 🔥 Critical | Log Processor has not checked in with LAPI for 24+ hours | [Troubleshooting](/u/troubleshooting/issue_log_processor_offline) |
+| **LP No Alerts** | ⚠️ High | Log Processor has not generated alerts in 48 hours | [Troubleshooting](/u/troubleshooting/issue_lp_no_alerts) |
+| **LP No Logs Read** | 🔥 Critical | No logs acquired in the last 24 hours | [Troubleshooting](/u/troubleshooting/issue_lp_no_logs_read) |
+| **LP No Logs Parsed** | 🔥 Critical | Logs read but none parsed in the last 48 hours | [Troubleshooting](/u/troubleshooting/issue_lp_no_logs_parsed) |
+| **Firewall Integration Offline** | 🔥 Critical | Firewall has not pulled from BLaaS endpoint for 24+ hours | [Troubleshooting](/u/troubleshooting/issue_fw_integration_offline) |
+| **RC Integration Offline** | 🔥 Critical | Remediation Component has not pulled from endpoint for 24+ hours | [Troubleshooting](/u/troubleshooting/issue_rc_integration_offline) |
+
+</div>
+## Issue Dependencies
+
+Some issues are related and share common root causes: 
+
+- **Engine No Alerts** may be caused by:
+  - LP No Logs Read
+  - LP No Logs Parsed
+  - Scenarios not installed or in simulation mode
+
+- **LP No Alerts** may be caused by:
+  - LP No Logs Read
+  - LP No Logs Parsed
+  - Scenarios not matching the parsed events
+
+Understanding these dependencies helps you troubleshoot more efficiently by addressing root causes first.
+
+## Future Enhancements
+
+For planned and experimental health checks, see [Future Console Health Check Issues](/u/troubleshooting/future_console_issues) page for planned features including:
+
+- Enhanced configuration validation
+- Blocklists optimization recommendations
+- Collection update notifications
+- False positive prevention checks
+- Premium feature recommendation based on detected benefit
+
+## Getting Help
+
+If you've followed the troubleshooting guides and still need assistance:
+
+- [Discourse](https://discourse.crowdsec.net/)
+- [Discord](https://discord.gg/crowdsec)
+- [GitHub Issues](https://github.com/crowdsecurity/crowdsec/issues)