mirror of
				https://github.com/telekom-security/tpotce.git
				synced 2025-10-25 09:44:45 +00:00 
			
		
		
		
	 618ee3c6e9
			
		
	
	
		618ee3c6e9
		
	
	
	
	
		
			
			add kibana export / import config function ewsposter remove transmitting old elasticpot data (need update) final export of all objects
		
			
				
	
	
		
			137 lines
		
	
	
	
		
			2.7 KiB
		
	
	
	
		
			INI
		
	
	
	
	
	
			
		
		
	
	
			137 lines
		
	
	
	
		
			2.7 KiB
		
	
	
	
		
			INI
		
	
	
	
	
	
| [MAIN]
 | |
| homedir = /opt/ewsposter/
 | |
| spooldir = /opt/ewsposter/spool/
 | |
| logdir = /opt/ewsposter/log/
 | |
| del_malware_after_send = false
 | |
| send_malware = false
 | |
| sendlimit = 500
 | |
| contact = your_email_address
 | |
| proxy =
 | |
| ip =
 | |
| 
 | |
| [EWS]
 | |
| ews = true
 | |
| username = community-01-user
 | |
| token = foth{a5maiCee8fineu7
 | |
| rhost_first = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
 | |
| rhost_second = https://community.sicherheitstacho.eu/ews-0.1/alert/postSimpleMessage
 | |
| ignorecert = false
 | |
| 
 | |
| [HPFEED]
 | |
| hpfeed = %(EWS_HPFEEDS_ENABLE)s
 | |
| host = %(EWS_HPFEEDS_HOST)s
 | |
| port = %(EWS_HPFEEDS_PORT)s
 | |
| channels = %(EWS_HPFEEDS_CHANNELS)s
 | |
| ident = %(EWS_HPFEEDS_IDENT)s
 | |
| secret= %(EWS_HPFEEDS_SECRET)s
 | |
| # path/to/certificate for tls broker - or "false" for non-tls broker
 | |
| tlscert = %(EWS_HPFEEDS_TLSCERT)s
 | |
| # hpfeeds submission format: "ews" (xml) or "json"
 | |
| hpfformat = %(EWS_HPFEEDS_FORMAT)s
 | |
| 
 | |
| [EWSJSON]
 | |
| json = false
 | |
| jsondir = /data/ews/json/
 | |
| 
 | |
| [GLASTOPFV3]
 | |
| glastopfv3 = true
 | |
| nodeid = glastopfv3-community-01
 | |
| sqlitedb = /data/glastopf/db/glastopf.db
 | |
| malwaredir = /data/glastopf/data/files/
 | |
| 
 | |
| [GLASTOPFV2]
 | |
| glastopfv2 = false
 | |
| nodeid =
 | |
| mysqlhost =
 | |
| mysqldb =
 | |
| mysqluser =
 | |
| mysqlpw =
 | |
| malwaredir =
 | |
| 
 | |
| [KIPPO]
 | |
| kippo = false
 | |
| nodeid =
 | |
| mysqlhost =
 | |
| mysqldb =
 | |
| mysqluser =
 | |
| mysqlpw =
 | |
| malwaredir =
 | |
| 
 | |
| [COWRIE]
 | |
| cowrie = true
 | |
| nodeid = cowrie-community-01
 | |
| logfile = /data/cowrie/log/cowrie.json
 | |
| 
 | |
| [DIONAEA]
 | |
| dionaea = true
 | |
| nodeid = dionaea-community-01
 | |
| malwaredir = /data/dionaea/binaries/
 | |
| sqlitedb = /data/dionaea/log/dionaea.sqlite
 | |
| 
 | |
| [HONEYTRAP]
 | |
| honeytrap = true
 | |
| nodeid = honeytrap-community-01
 | |
| newversion = true
 | |
| payloaddir = /data/honeytrap/attacks/
 | |
| attackerfile = /data/honeytrap/log/attacker.log
 | |
| 
 | |
| [RDPDETECT]
 | |
| rdpdetect = false
 | |
| nodeid =
 | |
| iptableslog =
 | |
| targetip =
 | |
| 
 | |
| [EMOBILITY]
 | |
| eMobility = false
 | |
| nodeid = emobility-community-01
 | |
| logfile = /data/emobility/log/centralsystemEWS.log
 | |
| 
 | |
| [CONPOT]
 | |
| conpot = true
 | |
| nodeid = conpot-community-01
 | |
| logfile = /data/conpot/log/conpot*.json
 | |
| 
 | |
| [ELASTICPOT]
 | |
| elasticpot = false
 | |
| nodeid = elasticpot-community-01
 | |
| logfile = /data/elasticpot/log/elasticpot.json
 | |
| 
 | |
| [SURICATA]
 | |
| suricata = true
 | |
| nodeid = suricata-community-01
 | |
| logfile = /data/suricata/log/eve.json
 | |
| 
 | |
| [MAILONEY]
 | |
| mailoney = true
 | |
| nodeid = mailoney-community-01
 | |
| logfile = /data/mailoney/log/commands.log
 | |
| 
 | |
| [RDPY]
 | |
| rdpy = true
 | |
| nodeid = rdpy-community-01
 | |
| logfile = /data/rdpy/log/rdpy.log
 | |
| 
 | |
| [VNCLOWPOT]
 | |
| vnclowpot = true
 | |
| nodeid = vnclowpot-community-01
 | |
| logfile = /data/vnclowpot/log/vnclowpot.log
 | |
| 
 | |
| [HERALDING]
 | |
| heralding = true
 | |
| nodeid = heralding-community-01
 | |
| logfile = /data/heralding/log/auth.csv
 | |
| 
 | |
| [CISCOASA]
 | |
| ciscoasa = true
 | |
| nodeid = ciscoasa-community-01
 | |
| logfile = /data/ciscoasa/log/ciscoasa.log
 | |
| 
 | |
| [TANNER]
 | |
| tanner = true
 | |
| nodeid = tanner-community-01
 | |
| logfile = /data/tanner/log/tanner_report.json
 | |
| 
 | |
| [GLUTTON]
 | |
| glutton = true
 | |
| nodeid = glutton-community-01
 | |
| logfile = /data/glutton/log/glutton.log
 |