Alex-Devera/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-01 20:42:11 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

tweaking

Browse source
This commit is contained in:
t3chn0m4g3 2019-03-19 11:08:23 +00:00
parent 5b710d5b28
commit e8d8773863
3 changed files with 9 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

12
docker/elk/logstash/dist/logstash.conf vendored
View file

@ -425,12 +425,12 @@ output {
# document_type => "doc" # document_type => "doc"
} }
if [type] == "Suricata" { #if [type] == "Suricata" {
file { # file {
file_mode => 0760 # file_mode => 0760
path => "/data/suricata/log/suricata_ews.log" # path => "/data/suricata/log/suricata_ews.log"
} # }
} #}
# Debug output # Debug output
#if [type] == "XYZ" { #if [type] == "XYZ" {
# stdout { # stdout {

2
docker/ews/dist/ews.cfg vendored
View file

@ -99,7 +99,7 @@ logfile = /data/elasticpot/log/elasticpot.log
[SURICATA] [SURICATA]
suricata = true suricata = true
nodeid = suricata-community-01 nodeid = suricata-community-01
logfile = /data/suricata/log/suricata_ews.log logfile = /data/suricata/log/eve.json
[MAILONEY] [MAILONEY]
mailoney = true mailoney = true

3
docker/suricata/dist/capture-filter.bpf vendored
View file

@ -1,3 +1,4 @@
not (host sicherheitstacho.eu or community.sicherheitstacho.eu) and not (host sicherheitstacho.eu or community.sicherheitstacho.eu) and
not (host archive.ubuntu.com or security.ubuntu.com) and not (host archive.ubuntu.com or security.ubuntu.com) and
not (host index.docker.io or docker.io) not (host index.docker.io or docker.io) and
not (host hpfeeds.sissden.eu)