ELK 7.6.0 is not ready for production, however it works if APM is enabled (disabled in config, so image wont build as precaution)
Remove SISSDEN from ewsposter, suricata
Bump suricata to 5.0.1
Alpine now supports suricata incl. enabled JA3 support, move back to Alpine install
t3chn0m4g3
2020-02-14 15:28:06 +00:00
parent a49d560809
commit f11ad6b523
13 changed files with 161 additions and 211 deletions


@ -10,20 +10,6 @@ fi
myTPOTYMLFILE="/opt/tpot/etc/tpot.yml"
function fuSISSDEN () {
echo
echo "You chose SISSDEN, you just need to provide ident and secret"
echo
myENABLE="true"
myHOST="hpfeeds.sissden.eu"
myPORT="10000"
myCHANNEL="t-pot.events"
myCERT="/opt/ewsposter/sissden.pem"
read -p "Ident: " myIDENT
read -p "Secret: " mySECRET
myFORMAT="json"
}
function fuGENERIC () {
echo
echo "You chose generic, please provide all the details of the broker"
@ -119,8 +105,7 @@ echo
echo
echo "Please choose your broker"
echo "---------------------------"
echo "[1] - SISSDEN"
echo "[2] - Generic (enter details manually)"
echo "[1] - Generic (enter details manually)"
echo "[0] - Opt out of HPFEEDS"
echo "[q] - Do not agree end exit"
echo
@ -130,10 +115,6 @@ while [ 1 != 2 ]
echo $mySELECT
case "$mySELECT" in
[1])
fuSISSDEN
break
;;
[2])
fuGENERIC
break
;;
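Review bot: With Generic renumbered from `[2]` to `[1]` in both the menu and the `case "$mySELECT"` arms, an operator or scripted install that still answers `2` now falls into whatever arm follows, which is outside this hunk; confirm that unrecognised input re-prompts rather than leaving the loop with `myENABLE`, `myHOST` and the credentials unset. Hosts that previously chose SISSDEN presumably still carry the ident, the secret and the `/opt/ewsposter/sissden.pem` reference in their written configuration, and nothing visible here clears them, so a release note telling operators to re-run this script or opt out would help. The context line `echo $mySELECT` would be safer quoted as `echo "$mySELECT"`. The `while` loop and the `case` statement both start and end outside the hunk.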