Logrotate and kippo update

cudeso · Jul 10, 2015 · d3cbed1 · d3cbed1
1 parent 351c487
commit d3cbed1
Show file tree

Hide file tree

Showing 5 changed files with 26 additions and 10 deletions.
diff --git a/DOC/dionaea.INSTALL.md b/DOC/dionaea.INSTALL.md
@@ -34,7 +34,7 @@ sudo apt-get install dionaea-phibo
 
 P0f can be started from the command line with 
 ```
-sudo p0f -i any -u root -Q /tmp/p0f.sock -q -l
+sudo p0f -i any -u root -Q /var/run/p0f.sock -q -l
 ```
 
 Make sure that the socket (-Q) is also accessible by dionaea. Alternatively you can use the init-script in p0f/p0f_init.sh
@@ -57,6 +57,7 @@ sudo apt-get install gnuplot
 # Configuration
 
 The configuration files are in /etc/dionaea/ and the data files are in /var/lib/dionaea/
+Use the config file in this repository **dionaea/dionaea.conf**
 
 ## Enable P0f
 

diff --git a/DOC/kippo.INSTALL.md b/DOC/kippo.INSTALL.md
@@ -30,11 +30,11 @@ Create a mysql database and user for kippo. Generate the tables from **doc/sql/m
 
 # Configuration
 
-The kippo configuration is stored in kippo.cfg.
+The kippo configuration is stored in kippo.cfg. You can copy the config file from **kippo/kippo.cfg**
 
 ## Mysql
 
-Enable the mysql configuration by changing the section [database_mysql]. Set the database, hostname, username and password.
+Enable the mysql configuration by changing the section [database_mysql]. Set the database, hostname, username and password. I don't use mysql in this setup.
 
 ## Kippo hostname
 

diff --git a/dionaea/dionaea.logrotate b/dionaea/dionaea.logrotate
@@ -8,7 +8,7 @@
         create 660 root root
         dateext
         postrotate
-                supervisorctl restart dionaea
+                /etc/init.d/dionaea-phibo restart
         endscript
 }
 
diff --git a/elk/query_ELK.py b/elk/query_ELK.py
@@ -0,0 +1,15 @@
+#!/usr/bin/python
+
+import urllib2
+import json
+
+url="http://192.168.218.140:9200/_search?q=geoip.country_code2:be"
+
+req = urllib2.Request(url)
+out = urllib2.urlopen(req)
+data = out.read()
+print data
+
+
+
+{"filtered":{"query":{"bool":{"should":[{"query_string":{"query":"*"}}]}},"filter":{"bool":{"must":[{"range":{"@timestamp":{"from":1418607243883,"to":1419212043883}}}]}}}}
diff --git a/kippo/kippo.cfg b/kippo/kippo.cfg
@@ -160,12 +160,12 @@ interact_port = 5123
 # To enable this module, remove the comments below, including the
 # [database_mysql] line.
 
-[database_mysql]
-host = localhost
-database = kippo
-username = root
-password = 
-port = 3306
+#[database_mysql]
+#host = localhost
+#database = kippo
+#username = root
+#password = 
+#port = 3306
 
 # XMPP Logging
 #