Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 04:52:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

medpot tweaking

Browse source
This commit is contained in:
t3chn0m4g3 2018-09-11 07:59:14 +00:00
parent f0f6981f34
commit 992d453b9a
7 changed files with 9 additions and 15 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
docker/elk/logstash/dist/logstash.conf vendored
View file

@ -309,14 +309,9 @@ filter {
"dest_port" => "2575" "dest_port" => "2575"
"dest_ip" => "${MY_EXTIP}" "dest_ip" => "${MY_EXTIP}"
} }
rename => {
"port" => "src_port"
"ip" => "src_ip"
}
} }
date { date {
match => [ "time", "yyyy.MM.dd HH:mm:ss" ] match => [ "timestamp", "ISO8601" ]
remove_field => ["time"]
} }
} }

7
docker/medpot/Dockerfile
View file

@ -11,7 +11,7 @@ RUN apk -U --no-cache add \
export GOPATH=/opt/go/ && \ export GOPATH=/opt/go/ && \
mkdir -p /opt/go/src && \ mkdir -p /opt/go/src && \
cd /opt/go/src && \ cd /opt/go/src && \
git clone https://github.com/schmalle/medpot.git && \ git clone https://github.com/schmalle/medpot && \
go get -d -v github.com/davecgh/go-spew/spew && \ go get -d -v github.com/davecgh/go-spew/spew && \
go get -d -v github.com/go-ini/ini && \ go get -d -v github.com/go-ini/ini && \
go get -d -v github.com/mozillazg/request && \ go get -d -v github.com/mozillazg/request && \
@ -21,15 +21,14 @@ RUN apk -U --no-cache add \
# Setup medpot # Setup medpot
mkdir -p /opt/medpot \ mkdir -p /opt/medpot \
/var/log/ && \ /var/log/medpot && \
touch /var/log/medpot.log && \
cp medpot /opt/medpot && \ cp medpot /opt/medpot && \
cp /opt/go/src/medpot/template/*.xml /opt/medpot/ && \ cp /opt/go/src/medpot/template/*.xml /opt/medpot/ && \
# Setup user, groups and configs # Setup user, groups and configs
addgroup -g 2000 medpot && \ addgroup -g 2000 medpot && \
adduser -S -s /bin/ash -u 2000 -D -g 2000 medpot && \ adduser -S -s /bin/ash -u 2000 -D -g 2000 medpot && \
chown -R medpot:medpot /var/log/medpot.log && \ chown -R medpot:medpot /var/log/medpot && \
# Clean up # Clean up
apk del --purge build-base \ apk del --purge build-base \

2
docker/medpot/docker-compose.yml
View file

@ -17,4 +17,4 @@ services:
image: "dtagdevsec/medpot:1804" image: "dtagdevsec/medpot:1804"
read_only: true read_only: true
volumes: volumes:
- /data/medpot/log/:/var/log/ - /data/medpot/log/:/var/log/medpot

2
etc/compose/experimental.yml
View file

@ -276,7 +276,7 @@ services:
image: "dtagdevsec/medpot:1804" image: "dtagdevsec/medpot:1804"
read_only: true read_only: true
volumes: volumes:
- /data/medpot/log/:/var/log/ - /data/medpot/log/:/var/log/medpot
# Rdpy service # Rdpy service
rdpy: rdpy:

2
etc/compose/industrial.yml
View file

@ -190,7 +190,7 @@ services:
image: "dtagdevsec/medpot:1804" image: "dtagdevsec/medpot:1804"
read_only: true read_only: true
volumes: volumes:
- /data/medpot/log/:/var/log/ - /data/medpot/log/:/var/log/medpot
# Rdpy service # Rdpy service
rdpy: rdpy:

2
etc/compose/sensor.yml
View file

@ -274,7 +274,7 @@ services:
image: "dtagdevsec/medpot:1804" image: "dtagdevsec/medpot:1804"
read_only: true read_only: true
volumes: volumes:
- /data/medpot/log/:/var/log/ - /data/medpot/log/:/var/log/medpot
# Rdpy service # Rdpy service
rdpy: rdpy:

2
etc/compose/standard.yml
View file

@ -275,7 +275,7 @@ services:
image: "dtagdevsec/medpot:1804" image: "dtagdevsec/medpot:1804"
read_only: true read_only: true
volumes: volumes:
- /data/medpot/log/:/var/log/ - /data/medpot/log/:/var/log/medpot
# Rdpy service # Rdpy service
rdpy: rdpy: