diff --git a/roles/crowdsec/defaults/main.yml b/roles/crowdsec/defaults/main.yml
index 39eefd6..4bee956 100644
--- a/roles/crowdsec/defaults/main.yml
+++ b/roles/crowdsec/defaults/main.yml
@@ -7,6 +7,9 @@ crowdsec_archive_url: https://github.com/crowdsecurity/crowdsec/releases/downloa
 # Expected sha1 of the archive
 crowdsec_archive_sha1: 7c9dc58c6648c8fd43b297427d6a53fe940cbf13
 
+# Can be sqlite or mysql
+crowdsec_db_engine: sqlite
+# This is for mysql backend
 crowdsec_db_server: "{{ mysql_server | default('localhost') }}"
 crowdsec_db_port: 3306
 crowdsec_db_name: crowdsec
diff --git a/roles/crowdsec/tasks/conf.yml b/roles/crowdsec/tasks/conf.yml
index f98bcac..7adb831 100644
--- a/roles/crowdsec/tasks/conf.yml
+++ b/roles/crowdsec/tasks/conf.yml
@@ -18,6 +18,7 @@
     - db_user: "{{ crowdsec_db_user }}"
     - db_server: "{{ crowdsec_db_server }}"
     - db_pass: "{{ crowdsec_db_pass }}"
+  when: crowdsec_db_engine == 'mysql'
   tags: crowdsec
 
 - when: crowdsec_lapi_pass is not defined
diff --git a/roles/crowdsec/templates/acquis.yaml.j2 b/roles/crowdsec/templates/acquis.yaml.j2
index 5b623f6..513d7bb 100644
--- a/roles/crowdsec/templates/acquis.yaml.j2
+++ b/roles/crowdsec/templates/acquis.yaml.j2
@@ -3,3 +3,9 @@ journalctl_filter:
   - "_SYSTEMD_UNIT=sshd.service"
 labels:
   type: syslog
+---
+journalctl_filter:
+  - "_TRASPORT=kernel"
+labels:
+  type: syslog
+
diff --git a/roles/crowdsec/templates/config.yaml.j2 b/roles/crowdsec/templates/config.yaml.j2
index f5a0d0a..c945f22 100644
--- a/roles/crowdsec/templates/config.yaml.j2
+++ b/roles/crowdsec/templates/config.yaml.j2
@@ -22,12 +22,16 @@ cscli:
 
 db_config:
   log_level: info
+{% if crowdsec_db_engine == 'mysql' %}
   type: mysql
   user: {{ crowdsec_db_user }}
   password: {{ crowdsec_db_pass | quote }}
   db_name: {{ crowdsec_db_name }}
   host: {{ crowdsec_db_server }}
   port: {{ crowdsec_db_port }}
+{% else %}
+  db_path: /var/lib/crowdsec/data/crowdsec.db
+{% endif %}
   flush:
     max_items: 100000
     max_age: 730d