update logrotating, cleanup.sh, add Suricata ET Pro support, tweaking

etc/compose/collect.yml

@@ -189,12 +189,15 @@ services:
   suricata:
     container_name: suricata
     restart: always
+    environment:
+    # For ET Pro ruleset replace <OPEN> with your OINKCODE
+     - OINKCODE=OPEN
     network_mode: "host"
     cap_add:
      - NET_ADMIN
      - SYS_NICE
      - NET_RAW
-    image: "dtagdevsec/suricata:1710"
+    image: "dtagdevsec/suricata:1804"
     volumes:
      - /data/suricata/log:/var/log/suricata
 

etc/compose/tpot.yml

@@ -291,12 +291,15 @@ services:
   suricata:
     container_name: suricata
     restart: always
+    environment:
+    # For ET Pro ruleset replace <OPEN> with your OINKCODE
+     - OINKCODE=OPEN
     network_mode: "host"
     cap_add:
      - NET_ADMIN
      - SYS_NICE
      - NET_RAW
-    image: "dtagdevsec/suricata:1710"
+    image: "dtagdevsec/suricata:1804"
     volumes:
      - /data/suricata/log:/var/log/suricata
 

etc/logrotate/logrotate.conf

@@ -1,5 +1,6 @@
-/data/conpot/log/conpot.json
-/data/conpot/log/conpot.log
+/data/ciscoasa/log/ciscoasa.log
+/data/conpot/log/conpot*.json
+/data/conpot/log/conpot*.log
 /data/cowrie/log/cowrie.json
 /data/cowrie/log/cowrie-textlog.log
 /data/cowrie/log/lastlog.txt
@@ -16,6 +17,8 @@
 /data/emobility/log/centralsystemEWS.log
 /data/glastopf/log/glastopf.log
 /data/glastopf/db/glastopf.db
+/data/heralding/log/*.log
+/data/heralding/log/*.csv
 /data/honeytrap/log/*.log
 /data/honeytrap/log/*.json
 /data/honeytrap/attacks.tgz