[MAIN]
homedir = /opt/ewsposter/
spooldir = /opt/ewsposter/spool/
logdir = /opt/ewsposter/log/
del_malware_after_send = false
send_malware = true
sendlimit = 500
contact = your_email_address
proxy =
ip =

[EWS]
ews = true
username = your_username
token = your_token
rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
ignorecert = false

[HPFEED]
hpfeed = %(EWS_HPFEEDS_ENABLE)s
host = %(EWS_HPFEEDS_HOST)s
port = %(EWS_HPFEEDS_PORT)s
channels = %(EWS_HPFEEDS_CHANNELS)s
ident = %(EWS_HPFEEDS_IDENT)s
secret= %(EWS_HPFEEDS_SECRET)s
# path/to/certificate for tls broker - or "false" for non-tls broker
tlscert = %(EWS_HPFEEDS_TLSCERT)s
# hpfeeds submission format: "ews" (xml) or "json"
hpfformat = %(EWS_HPFEEDS_FORMAT)s

[EWSJSON]
json = false
jsondir = /data/ews/json/

[GLASTOPFV3]
glastopfv3 = true
nodeid = glastopfv3-{{ HPNAME }}
sqlitedb = /data/glastopf/db/glastopf.db
malwaredir = /data/glastopf/data/files/

[GLASTOPFV2]
glastopfv2 = false
nodeid =
mysqlhost =
mysqldb =
mysqluser =
mysqlpw =
malwaredir =

[KIPPO]
kippo = false
nodeid =
mysqlhost =
mysqldb =
mysqluser =
mysqlpw =
malwaredir =

[COWRIE]
cowrie = true
nodeid = cowrie-{{ HPNAME }}
logfile = /data/cowrie/log/cowrie.json

[DIONAEA]
dionaea = true
nodeid = dionaea-{{ HPNAME }}
malwaredir = /data/dionaea/binaries/
sqlitedb = /data/dionaea/log/dionaea.sqlite

[HONEYTRAP]
honeytrap = true
nodeid = honeytrap-{{ HPNAME }}
newversion = true
payloaddir = /data/honeytrap/attacks/
attackerfile = /data/honeytrap/log/attacker.log

[RDPDETECT]
rdpdetect = false
nodeid =
iptableslog =
targetip =

[EMOBILITY]
eMobility = false
nodeid = emobility-{{ HPNAME }}
logfile = /data/emobility/log/centralsystemEWS.log

[CONPOT]
conpot = true
nodeid = conpot-{{ HPNAME }}
logfile = /data/conpot/log/conpot*.json

[ELASTICPOT]
elasticpot = true
nodeid = elasticpot-{{ HPNAME }}
logfile = /data/elasticpot/log/elasticpot.log

[SURICATA]
suricata = true
nodeid = suricata-{{ HPNAME }}
logfile = /data/suricata/log/eve.json

[MAILONEY]
mailoney = true
nodeid = mailoney-{{ HPNAME }}
logfile = /data/mailoney/log/commands.log

[RDPY]
rdpy = true
nodeid = rdpy-{{ HPNAME }}
logfile = /data/rdpy/log/rdpy.log

[VNCLOWPOT]
vnclowpot = true
nodeid = vnclowpot-{{ HPNAME }}
logfile = /data/vnclowpot/log/vnclowpot.log

[HERALDING]
heralding = true
nodeid = heralding-{{ HPNAME }}
logfile = /data/heralding/log/auth.csv

[CISCOASA]
ciscoasa = true
nodeid = ciscoasa-{{ HPNAME }}
logfile = /data/ciscoasa/log/ciscoasa.log

[TANNER]
tanner = true
nodeid = tanner-{{ HPNAME }}
logfile = /data/tanner/log/tanner_report.json

[GLUTTON]
glutton = true
nodeid = glutton-{{ HPNAME }}
logfile = /data/glutton/log/glutton.log