mirror of
https://github.com/telekom-security/tpotce.git
synced 2025-05-13 19:58:08 +00:00
prep for new ewsposter, rollout to follow next week
parent
f51ab7ec0f
commit
b6be931641
2 changed files with 41 additions and 6 deletions
docker/ews
|
@ -20,12 +20,12 @@ RUN apk -U --no-cache add \
|
|||
py3-requests \
|
||||
py3-pip \
|
||||
py3-setuptools && \
|
||||
pip3 install --no-cache-dir configparser hpfeeds3 pyOpenSSL xmljson && \
|
||||
pip3 install --no-cache-dir configparser hpfeeds3 influxdb influxdb-client pyOpenSSL xmljson && \
|
||||
#
|
||||
# Setup ewsposter
|
||||
git clone https://github.com/telekom-security/ewsposter /opt/ewsposter && \
|
||||
cd /opt/ewsposter && \
|
||||
git checkout 46cd801fb444f1fb0a90418ab46e5977ec0a90b6 && \
|
||||
git checkout b0633af849687128171be1c7be7a43f3709a93ed && \
|
||||
mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \
|
||||
#
|
||||
# Setup user and groups
|
||||
|
|
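Review bot: The `pip3 install` line that lists `influxdb` and `influxdb-client` installs every package unpinned, while the ewsposter checkout just below it is fixed to a full commit hash, so the image's Python dependencies can change between builds without any change in this repository. The page has lost its +/- markers, so I am assuming that line and `git checkout b0633af849687128171be1c7be7a43f3709a93ed` are the new side. Pin each package, e.g. `pip3 install --no-cache-dir influxdb==<pinned version> influxdb-client==<pinned version> …`, or move the list to a requirements file installed with `--require-hashes`. The RUN instruction begins before and continues after the hunk.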
43
docker/ews/dist/ews.cfg
vendored
43
docker/ews/dist/ews.cfg
vendored
|
@ -34,8 +34,18 @@ hpfformat = %(EWS_HPFEEDS_FORMAT)s
|
|||
json = false
|
||||
jsondir = /data/ews/json/
|
||||
|
||||
[INFLUXDB]
|
||||
influxdb = false
|
||||
host = http://localhost
|
||||
port = 8086
|
||||
username = <your username for influx 1.8>
|
||||
password = <your password for influx 1.8>
|
||||
token = <your token for influx 2.0>
|
||||
bucket = <your bucket/database for 2.0/1.8>
|
||||
org = <your org for influx 2.0>
|
||||
|
||||
[GLASTOPFV3]
|
||||
glastopfv3 = true
|
||||
glastopfv3 = false
|
||||
nodeid = glastopfv3-community-01
|
||||
sqlitedb = /data/glastopf/db/glastopf.db
|
||||
malwaredir = /data/glastopf/data/files/
|
||||
|
@ -69,12 +79,12 @@ nodeid = conpot-community-01
|
|||
logfile = /data/conpot/log/conpot*.json
|
||||
|
||||
[ELASTICPOT]
|
||||
elasticpot = false
|
||||
elasticpot = true
|
||||
nodeid = elasticpot-community-01
|
||||
logfile = /data/elasticpot/log/elasticpot.json
|
||||
|
||||
[SURICATA]
|
||||
suricata = true
|
||||
suricata = false
|
||||
nodeid = suricata-community-01
|
||||
logfile = /data/suricata/log/eve.json
|
||||
|
||||
|
@ -89,7 +99,7 @@ nodeid = rdpy-community-01
|
|||
logfile = /data/rdpy/log/rdpy.log
|
||||
|
||||
[VNCLOWPOT]
|
||||
vnclowpot = true
|
||||
vnclowpot = false
|
||||
nodeid = vnclowpot-community-01
|
||||
logfile = /data/vnclowpot/log/vnclowpot.log
|
||||
|
||||
|
@ -127,3 +137,28 @@ logfile = /data/adbhoney/log/adbhoney.json
|
|||
fatt = true
|
||||
nodeid = fatt-community-01
|
||||
logfile = /data/fatt/log/fatt.log
|
||||
|
||||
[IPPHONEY]
|
||||
ipphoney = true
|
||||
nodeid = ipphoney-community-01
|
||||
logfile = /data/ipphoney/log/ipphoney.json
|
||||
|
||||
[DICOMPOT]
|
||||
dicompot = true
|
||||
nodeid = dicompot-community-01
|
||||
logfile = /data/dicompot/log/dicompot.log
|
||||
|
||||
[MEDPOT]
|
||||
medpot = true
|
||||
nodeid = medpot-community-01
|
||||
logfile = /data/medpot/log/medpot.log
|
||||
|
||||
[HONEYPY]
|
||||
honeypy = true
|
||||
nodeid = honeypy-community-01
|
||||
logfile = /data/honeypy/log/json.log
|
||||
|
||||
[CITRIX]
|
||||
citrix = true
|
||||
nodeid = citrix-community-01
|
||||
logfile = /data/citrixhoneypot/logs/server.log
|
||||
|
|
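Review bot: The new `[INFLUXDB]` section keeps `username`, `password` and `token` as literal values in a vendored config file, whereas the neighbouring `hpfformat = %(EWS_HPFEEDS_FORMAT)s` takes its value by interpolation; real credentials written here would end up in the image and possibly in version control. Consider supplying them the same way, e.g. `token = %(<ENV_VAR_NAME>)s` (placeholder name), provided ewsposter passes such variables to the parser, which this page does not show. Because interpolation is evidently active in this file, a comment such as `# a literal % in password/token must be written %%` would prevent a parse error on real secrets. `host = http://localhost` also deserves a comment that a remote InfluxDB should be reached over https so the token or password is not sent in clear text.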