Michel Oosterhof 813f35e86d 26apr (#1552)
* typing
* clean also cleans docs/
* ignore twistedchecker exit code
* twistedchecker fixes
* update docs. add copy button
* add missing $ prompts
* updated copyright
* isort
* remove flake8-import order. config flake8/isort/black
* remove import order
* docs restructure
* should pick up settings from setup.cfg
* put conversion code back in. JSON encoding needs it
2021-05-03 23:42:25 +08:00

How to send Cowrie output to Splunk
###################################

Splunk Output Module
====================

* In Splunk, enable the HTTP Event Collector (go to Settings->Add Data)
* Do not enable ``Indexer Acknowledgment``
* Copy the authorization token for later use
* Modify ``cowrie.cfg`` to enable the ``[output_splunk]`` section
* Configure the HTTP Event Collector URL and add the authorization token you copied in the previous step
* Optionally set the ``sourcetype``, ``source``, ``host`` and ``index`` settings

File Based
==========

* Collect ``/var/log/cowrie/cowrie.json`` output file using Splunk
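
The following is an added example that is not part of Cowrie's own ``output_splunk`` module or of this documentation. It ties the two options above together: it reads an ``[output_splunk]`` section with the settings named on this page (``url``, ``token``, ``index``, ``sourcetype``, ``source``, ``host``) and turns lines in the shape of ``cowrie.json`` into HTTP Event Collector (HEC) requests. The HEC wire format (``Authorization: Splunk <token>`` header, JSON body with ``event``, ``time`` and metadata fields) is Splunk's documented format; the host ``splunk.example.invalid``, the token value, the sample events and the function names are constructed for the example. The transport is injectable so the code runs offline; ``urllib_post`` is a real transport you can pass instead.

```python
"""Added example: forward cowrie.json lines to a Splunk HEC endpoint using the
[output_splunk] settings described on this page. Not Cowrie's own code."""
import configparser
import json
import urllib.request
from datetime import datetime, timezone
from typing import Callable, Dict, List, Tuple

# Constructed cowrie.cfg fragment. Key names follow the settings the page
# lists; the host and token are placeholders, not real values.
SAMPLE_CFG = """
[output_splunk]
enabled = true
url = https://splunk.example.invalid:8088/services/collector/event
token = PLACEHOLDER-HEC-TOKEN
index = cowrie
sourcetype = cowrie
source = cowrie
host = honeypot-01
"""

# Constructed sample lines in the shape of /var/log/cowrie/cowrie.json.
# The last line is deliberately corrupt: a forwarder must skip it, not abort.
SAMPLE_LINES = [
    '{"eventid": "cowrie.session.connect", "src_ip": "203.0.113.7", "src_port": 51234, '
    '"dst_ip": "10.0.0.5", "dst_port": 2222, "session": "a1b2c3d4e5f6", '
    '"protocol": "ssh", "timestamp": "2021-05-03T15:42:25.123456Z", "sensor": "honeypot-01"}',
    '{"eventid": "cowrie.login.failed", "username": "root", "password": "123456", '
    '"session": "a1b2c3d4e5f6", "timestamp": "2021-05-03T15:42:27Z", "sensor": "honeypot-01"}',
    "not json at all",
]

HEC_META_KEYS = ("index", "sourcetype", "source", "host")


def load_splunk_settings(cfg_text: str) -> Dict[str, str]:
    """Parse the [output_splunk] section; optional metadata keys are only kept when set."""
    cp = configparser.ConfigParser()
    cp.read_string(cfg_text)
    sec = cp["output_splunk"]
    if not sec.getboolean("enabled", fallback=False):
        raise ValueError("[output_splunk] is not enabled")
    settings = {"url": sec["url"], "token": sec["token"]}
    for key in HEC_META_KEYS:
        if sec.get(key):
            settings[key] = sec[key]
    return settings


def cowrie_time_to_epoch(ts: str) -> float:
    """Cowrie timestamps are ISO 8601 in UTC with a trailing Z, with or without microseconds."""
    return datetime.fromisoformat(ts.rstrip("Z")).replace(tzinfo=timezone.utc).timestamp()


def build_hec_event(settings: Dict[str, str], line: str) -> Dict[str, object]:
    """Wrap one cowrie.json line in a HEC event envelope, carrying the event's own time."""
    event = json.loads(line)  # raises ValueError (JSONDecodeError) on a corrupt line
    payload: Dict[str, object] = {"event": event}
    if "timestamp" in event:
        payload["time"] = cowrie_time_to_epoch(event["timestamp"])
    for key in HEC_META_KEYS:
        if key in settings:
            payload[key] = settings[key]
    return payload


def hec_headers(settings: Dict[str, str]) -> Dict[str, str]:
    return {"Authorization": "Splunk " + settings["token"],
            "Content-Type": "application/json"}


def urllib_post(url: str, headers: Dict[str, str], body: str) -> int:
    """Real transport: POST the envelope to the collector and return the HTTP status."""
    req = urllib.request.Request(url, data=body.encode(), headers=headers, method="POST")
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.status


def forward_lines(lines: List[str], settings: Dict[str, str],
                  post: Callable[[str, Dict[str, str], str], int]) -> Tuple[int, int]:
    """Send each line as its own HEC event; returns (sent, skipped).
    Corrupt lines and non-200 responses are counted as skipped so one bad line
    never stops the rest of the file from being forwarded."""
    sent = skipped = 0
    for line in lines:
        try:
            payload = build_hec_event(settings, line)
        except (ValueError, KeyError):
            skipped += 1
            continue
        if post(settings["url"], hec_headers(settings), json.dumps(payload)) == 200:
            sent += 1
        else:
            skipped += 1
    return sent, skipped


if __name__ == "__main__":
    # Dry run: print the envelopes instead of contacting a collector.
    def dry_run(url: str, headers: Dict[str, str], body: str) -> int:
        print("POST", url, headers["Authorization"][:10] + "...", body)
        return 200

    print(forward_lines(SAMPLE_LINES, load_splunk_settings(SAMPLE_CFG), dry_run))
```

To forward a real file, replace ``SAMPLE_LINES`` with the lines of ``/var/log/cowrie/cowrie.json`` and pass ``urllib_post`` as the transport. Carrying the event's own ``timestamp`` into the HEC ``time`` field keeps Splunk's event time equal to the honeypot's, so a backlog forwarded later still lands on the correct timeline.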

Reporting
=========

Please see: https://github.com/aplura/Tango