telekom-security/tpotce
1
0
Fork 0
mirror of https://github.com/telekom-security/tpotce.git synced 2025-07-02 01:27:27 -04:00
Code Issues Packages Projects Releases Wiki Activity

bump dicompot to latest master

Browse Source
This commit is contained in:
t3chn0m4g3
2020-10-27 21:30:33 +00:00
parent f204cdf9b8
commit 92925cecbd
2 changed files with 7 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
docker/elk/logstash/dist/logstash.conf vendored
View File

@ -321,6 +321,7 @@ filter {
}
mutate {
rename => {
"ID" => "id"
"IP" => "src_ip"
"Port" => "src_port"
"AETitle" => "aetitle"
@ -542,6 +543,11 @@ if "_grokparsefailure" in [tags] { drop {} }
convert => { "status" => "integer" }
}
}
if [id] {
mutate {
convert => { "id" => "string" }
}
}
# Add T-Pot hostname and external IP
if [type] == "Adbhoney" or [type] == "Ciscoasa" or [type] == "CitrixHoneypot" or [type] == "ConPot" or [type] == "Cowrie" or [type] == "Dicompot" or [type] == "Dionaea" or [type] == "ElasticPot" or [type] == "Fatt" or [type] == "Glutton" or [type] == "Honeysap" or [type] == "Honeytrap" or [type] == "Heralding" or [type] == "Honeypy" or [type] == "Ipphoney" or [type] == "Mailoney" or [type] == "Medpot" or [type] == "P0f" or [type] == "Rdpy" or [type] == "Suricata" or [type] == "Tanner" {