mirror of
				https://github.com/telekom-security/tpotce.git
				synced 2025-10-25 17:54:44 +00:00 
			
		
		
		
	
		
			
				
	
	
		
			117 lines
		
	
	
	
		
			3.7 KiB
		
	
	
	
		
			INI
		
	
	
	
	
	
			
		
		
	
	
			117 lines
		
	
	
	
		
			3.7 KiB
		
	
	
	
		
			INI
		
	
	
	
	
	
| # HoneyPy/etc/honeypy.cfg
 | |
| # https://github.com/foospidy/HoneyPy
 | |
| 
 | |
| [honeypy]
 | |
| # select any name for this HoneyPy node, it can be anything you want (default is: honeypy).
 | |
| # It will be displayed in tweets, Slack messages, and other integrations.
 | |
| nodename  = honeypy
 | |
| 
 | |
| #add a comma seperated list of ip addresses to supress logging of your local scanners
 | |
| #whitelist = 192.168.0.5, 192.168.0.21
 | |
| 
 | |
| #include the following service profiles (comma seperated), all services will be combined.
 | |
| #enabling this will disable the use of service.cfg, which will not be processed
 | |
| #service_profiles = services.databases.profile, services.linux.profile
 | |
| 
 | |
| # Limit internal log files to a single day. Useful for deployments with limited disk space.
 | |
| limit_internal_logs = Yes
 | |
| 
 | |
| # Directory for internal HoneyPy logs (not external loggers).
 | |
| # Use leading slash for absolute path, or omit for relative path
 | |
| internal_log_dir = log/
 | |
| 
 | |
| # Tweet events on Twitter. Having a dedicated Twitter account for this purpose is recommended.
 | |
| # You will need to Twitter API credentials for this to work. See https://dev.twitter.com/oauth/application-only
 | |
| [twitter]
 | |
| enabled        = No
 | |
| consumerkey    =
 | |
| consumersecret =
 | |
| oauthtoken     =
 | |
| oauthsecret    =
 | |
| 
 | |
| ########################################################################################################
 | |
| # Animus is dead! (http://morris.guru/the-life-and-death-of-animus/) This feature should be use no more.
 | |
| # enable tweats to include querying Animus Threat Bot (https://github.com/threatbot)
 | |
| # ask_animus     = No
 | |
| ########################################################################################################
 | |
| #
 | |
| # Animus rises from the ashes! https://animus.io/
 | |
| #
 | |
| ########################################################################################################
 | |
| #
 | |
| # Animus falls again. https://github.com/hslatman/awesome-threat-intelligence/pull/101
 | |
| #
 | |
| ########################################################################################################
 | |
| 
 | |
| # Post your events to HoneyDB. Your HoneyPy honepots can contribute threat information to HoneyDB.
 | |
| # You will need to create API credentails for this to work. See https://riskdiscovery.com/honeydb/#threats
 | |
| [honeydb]
 | |
| enabled  = No
 | |
| api_id   =
 | |
| api_key  =
 | |
| 
 | |
| # Post your events to a Slack channel. Having a dedicated Slack channel for this is recommended.
 | |
| # For setting up your Slack webhook see https://api.slack.com/incoming-webhooks
 | |
| [slack]
 | |
| enabled     = No
 | |
| webhook_url =
 | |
| 
 | |
| [logstash]
 | |
| enabled = No
 | |
| host    =
 | |
| port    =
 | |
| 
 | |
| [elasticsearch]
 | |
| enabled = No
 | |
| # Elasticsearch url should include ":port/index/type
 | |
| # example: http://localhost:9200/honeypot/honeypy
 | |
| es_url  =
 | |
| 
 | |
| [telegram]
 | |
| # You need to add your bot to channel or group, and get the bot token see https://core.telegram.org/bots
 | |
| enabled = No
 | |
| # Telegram bot HTTP API Token
 | |
| bot_id =
 | |
| 
 | |
| [sumologic]
 | |
| enabled = No
 | |
| # create a http collector source and use the url provided
 | |
| # https://help.sumologic.com/Send-Data/Sources/02Sources-for-Hosted-Collectors/HTTP-Source/Upload-Data-to-an-HTTP-Source
 | |
| url =
 | |
| custom_source_host =
 | |
| custom_source_name =
 | |
| custom_source_category =
 | |
| 
 | |
| [splunk]
 | |
| enabled = No
 | |
| # /services/receivers/simple api endpoint
 | |
| url = https://localhost:8089/services/receivers/simple
 | |
| username =
 | |
| password =
 | |
| 
 | |
| [rabbitmq]
 | |
| enabled = No
 | |
| # Here you need create rabbitmq config url to be used with pika python lib
 | |
| # For ex. 1) amqp://username:password@rabbitmq_host/%2f
 | |
| #          2) amqp://username:password@127.0.0.1/%2f
 | |
| url_param =
 | |
| # Name of the Rabbitmq Exchange
 | |
| # Ex. mycoolexchange
 | |
| exchange =
 | |
| # Rabbitmq routing Key if not configured in rabbitmq leave it
 | |
| # Ex. honeypy
 | |
| routing_key =
 | |
| 
 | |
| [file]
 | |
| enabled = Yes
 | |
| filename = log/json.log
 | |
| 
 | |
| [hpfeeds]
 | |
| enabled    = No
 | |
| persistent = Yes
 | |
| server     = 127.0.0.1
 | |
| port       = 20000
 | |
| ident      = ident
 | |
| secret     = secret
 | |
| channel    = channel
 | |
| serverid   = id
 | 
