Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-04-29 03:38:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
tpotce/cloud/ansible/roles/custom_ews/templates/ews.cfg

138 lines
2.6 KiB
INI
Raw Normal View History

Added custom ews.cfg Playbook
2019-04-10 10:52:57 +00:00
[MAIN]
homedir = /opt/ewsposter/
spooldir = /opt/ewsposter/spool/
logdir = /opt/ewsposter/log/
del_malware_after_send = false
send_malware = true
sendlimit = 500
contact = your_email_address
proxy =
ip =
[EWS]
ews = true
username = your_username
token = your_token
rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
ignorecert = false
[HPFEED]
hpfeed = false
host = 0.0.0.0
port = 0
channels = 0
ident = 0
secret= 0
# path/to/certificate for tls broker - or "false" for non-tls broker
tlscert = false
# hpfeeds submission format: "ews" (xml) or "json"
hpfformat = json
[EWSJSON]
json = false
jsondir = /data/ews/json/
[GLASTOPFV3]
glastopfv3 = true
nodeid = glastopfv3-{{ HPNAME }}
sqlitedb = /data/glastopf/db/glastopf.db
malwaredir = /data/glastopf/data/files/
[GLASTOPFV2]
glastopfv2 = false
nodeid =
mysqlhost =
mysqldb =
mysqluser =
mysqlpw =
malwaredir =
[KIPPO]
kippo = false
nodeid =
mysqlhost =
mysqldb =
mysqluser =
mysqlpw =
malwaredir =
[COWRIE]
cowrie = true
nodeid = cowrie-{{ HPNAME }}
logfile = /data/cowrie/log/cowrie.json
[DIONAEA]
dionaea = true
nodeid = dionaea-{{ HPNAME }}
malwaredir = /data/dionaea/binaries/
sqlitedb = /data/dionaea/log/dionaea.sqlite
[HONEYTRAP]
honeytrap = true
nodeid = honeytrap-{{ HPNAME }}
newversion = true
payloaddir = /data/honeytrap/attacks/
attackerfile = /data/honeytrap/log/attacker.log
[RDPDETECT]
rdpdetect = false
nodeid =
iptableslog =
targetip =
[EMOBILITY]
eMobility = false
nodeid = emobility-{{ HPNAME }}
logfile = /data/emobility/log/centralsystemEWS.log
[CONPOT]
conpot = true
nodeid = conpot-{{ HPNAME }}
logfile = /data/conpot/log/conpot*.json
[ELASTICPOT]
elasticpot = true
nodeid = elasticpot-{{ HPNAME }}
logfile = /data/elasticpot/log/elasticpot.log
[SURICATA]
suricata = true
nodeid = suricata-{{ HPNAME }}
logfile = /data/suricata/log/eve.json
[MAILONEY]
mailoney = true
nodeid = mailoney-{{ HPNAME }}
logfile = /data/mailoney/log/commands.log
[RDPY]
rdpy = true
nodeid = rdpy-{{ HPNAME }}
logfile = /data/rdpy/log/rdpy.log
[VNCLOWPOT]
vnclowpot = true
nodeid = vnclowpot-{{ HPNAME }}
logfile = /data/vnclowpot/log/vnclowpot.log
[HERALDING]
heralding = true
nodeid = heralding-{{ HPNAME }}
logfile = /data/heralding/log/auth.csv
[CISCOASA]
ciscoasa = true
nodeid = ciscoasa-{{ HPNAME }}
logfile = /data/ciscoasa/log/ciscoasa.log
[TANNER]
tanner = true
nodeid = tanner-{{ HPNAME }}
logfile = /data/tanner/log/tanner_report.json
[GLUTTON]
glutton = true
nodeid = glutton-{{ HPNAME }}
logfile = /data/glutton/log/glutton.log
Reference in a new issue Copy permalink