Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Generic database support #60

Open
glaslos opened this issue Jul 2, 2013 · 3 comments

Comments

@glaslos
Copy link
Member

commented Jul 2, 2013

We should provide a generic (SQLAlchemy?) database interface to provide a more flexible way to store events.

@ghost ghost assigned johnnykv Sep 11, 2013

@johnnykv

This comment has been minimized.

Copy link
Member

commented Sep 24, 2013

(partly snipped from e-mail discussion)

Dumping to database with SQLAlchemy is easy. Hard part is how to format the data to make analysis easier.
To enable proper logging i am currently thinking in the lines of:

conpot.log(protocol, raw_request, interpreted_request, source_ip, source_port, session_id)

or

conpot.log_http(verb, path, agent, source_ip, source_port, raw_request, session_id)

(each protocol would have it's own method and db table).
I prefer option 2...

@glaslos

This comment has been minimized.

Copy link
Member Author

commented Sep 24, 2013

I agree with you, otherwise we end up parsing raw data in the database module or storing raw and doing all the parsing in the analysis.

@johnnykv

This comment has been minimized.

Copy link
Member

commented Sep 27, 2013

working on this issue in https://github.com/glastopf/glasdb

@johnnykv johnnykv removed this from the 0.4.0 milestone Dec 20, 2014

@glaslos glaslos modified the milestone: 0.6.0 Nov 11, 2015

@xandfury xandfury referenced this issue Apr 2, 2018

@xandfury xandfury modified the milestones: 0.6.0, 0.6.1 Aug 2, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
3 participants
You can’t perform that action at this time.