Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-05-14 04:08:09 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

prep for new ewsposter, rollout to follow next week

Browse source
This commit is contained in:
t3chn0m4g3 2021-06-24 16:26:53 +00:00
parent f51ab7ec0f
commit b6be931641
2 changed files with 41 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
docker/ews/Dockerfile
View file

@ -20,12 +20,12 @@ RUN apk -U --no-cache add \
py3-requests \ py3-requests \
py3-pip \ py3-pip \
py3-setuptools && \ py3-setuptools && \
pip3 install --no-cache-dir configparser hpfeeds3 pyOpenSSL xmljson && \ pip3 install --no-cache-dir configparser hpfeeds3 influxdb influxdb-client pyOpenSSL xmljson && \
# #
# Setup ewsposter # Setup ewsposter
git clone https://github.com/telekom-security/ewsposter /opt/ewsposter && \ git clone https://github.com/telekom-security/ewsposter /opt/ewsposter && \
cd /opt/ewsposter && \ cd /opt/ewsposter && \
git checkout 46cd801fb444f1fb0a90418ab46e5977ec0a90b6 && \ git checkout b0633af849687128171be1c7be7a43f3709a93ed && \
mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \ mkdir -p /opt/ewsposter/spool /opt/ewsposter/log && \
# #
# Setup user and groups # Setup user and groups

43
docker/ews/dist/ews.cfg vendored
View file

@ -34,8 +34,18 @@ hpfformat = %(EWS_HPFEEDS_FORMAT)s
json = false json = false
jsondir = /data/ews/json/ jsondir = /data/ews/json/
[INFLUXDB]
influxdb = false
host = http://localhost
port = 8086
username = <your username for influx 1.8>
password = <your password for influx 1.8>
token = <your token for influx 2.0>
bucket = <your bucket/database for 2.0/1.8>
org = <your org for influx 2.0>
[GLASTOPFV3] [GLASTOPFV3]
glastopfv3 = true glastopfv3 = false
nodeid = glastopfv3-community-01 nodeid = glastopfv3-community-01
sqlitedb = /data/glastopf/db/glastopf.db sqlitedb = /data/glastopf/db/glastopf.db
malwaredir = /data/glastopf/data/files/ malwaredir = /data/glastopf/data/files/
@ -69,12 +79,12 @@ nodeid = conpot-community-01
logfile = /data/conpot/log/conpot*.json logfile = /data/conpot/log/conpot*.json
[ELASTICPOT] [ELASTICPOT]
elasticpot = false elasticpot = true
nodeid = elasticpot-community-01 nodeid = elasticpot-community-01
logfile = /data/elasticpot/log/elasticpot.json logfile = /data/elasticpot/log/elasticpot.json
[SURICATA] [SURICATA]
suricata = true suricata = false
nodeid = suricata-community-01 nodeid = suricata-community-01
logfile = /data/suricata/log/eve.json logfile = /data/suricata/log/eve.json
@ -89,7 +99,7 @@ nodeid = rdpy-community-01
logfile = /data/rdpy/log/rdpy.log logfile = /data/rdpy/log/rdpy.log
[VNCLOWPOT] [VNCLOWPOT]
vnclowpot = true vnclowpot = false
nodeid = vnclowpot-community-01 nodeid = vnclowpot-community-01
logfile = /data/vnclowpot/log/vnclowpot.log logfile = /data/vnclowpot/log/vnclowpot.log
@ -127,3 +137,28 @@ logfile = /data/adbhoney/log/adbhoney.json
fatt = true fatt = true
nodeid = fatt-community-01 nodeid = fatt-community-01
logfile = /data/fatt/log/fatt.log logfile = /data/fatt/log/fatt.log
[IPPHONEY]
ipphoney = true
nodeid = ipphoney-community-01
logfile = /data/ipphoney/log/ipphoney.json
[DICOMPOT]
dicompot = true
nodeid = dicompot-community-01
logfile = /data/dicompot/log/dicompot.log
[MEDPOT]
medpot = true
nodeid = medpot-community-01
logfile = /data/medpot/log/medpot.log
[HONEYPY]
honeypy = true
nodeid = honeypy-community-01
logfile = /data/honeypy/log/json.log
[CITRIX]
citrix = true
nodeid = citrix-community-01
logfile = /data/citrixhoneypot/logs/server.log