
elastichoney ...

jt6211 committed Apr 27, 2015
1 parent 66d291a commit 24438f467d8f99130bfe74969da72bcb900a668b
@@ -23,4 +23,6 @@ index.html*
# Emacs
*~
*#
.#*
.#*
.DS_Store
@@ -51,7 +51,7 @@ wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCity.dat.gz && gz
wget http://geolite.maxmind.com/download/geoip/database/GeoLiteCityv6-beta/GeoLiteCityv6.dat.gz && gzip -d GeoLiteCityv6.dat.gz
SECRET=`python -c 'import uuid;print str(uuid.uuid4()).replace("-","")'`
/opt/hpfeeds/env/bin/python /opt/hpfeeds/broker/add_user.py geoloc $SECRET "geoloc.events" amun.events,dionaea.connections,dionaea.capture,glastopf.events,beeswarm.hive,kippo.sessions,conpot.events,snort.alerts,kippo.alerts,wordpot.events,shockpot.events,p0f.events,suricata.events
/opt/hpfeeds/env/bin/python /opt/hpfeeds/broker/add_user.py geoloc $SECRET "geoloc.events" amun.events,dionaea.connections,dionaea.capture,glastopf.events,beeswarm.hive,kippo.sessions,conpot.events,snort.alerts,kippo.alerts,wordpot.events,shockpot.events,p0f.events,suricata.events,elastichoney.events
cat > /opt/hpfeeds/geoloc.json <<EOF
{
@@ -71,7 +71,8 @@ cat > /opt/hpfeeds/geoloc.json <<EOF
"wordpot.events",
"shockpot.events",
"p0f.events",
"suricata.events"
"suricata.events",
"elastichoney.events"
],
"GEOLOC_CHAN": "geoloc.events"
}
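Review bot: The channel list is kept by hand in two places in this script, the last argument to `add_user.py` (which appears to be the broker-side subscribe list) and the JSON array in the `geoloc.json` heredoc, and this commit had to edit both to add `elastichoney.events`. If the two drift, the broker ACL and the consumer's subscription list disagree, and events on the missing channel would presumably be refused or never processed without any obvious error. Consider defining the list once, e.g. `CHANNELS='amun.events,...,elastichoney.events'`, passing `"$CHANNELS"` to `add_user.py` and generating the JSON array from that variable. The arcsight and splunk logger sections that follow pair a `CHANNELS` string with a separately hard-coded JSON array in the same way. The heredoc body starts and ends outside the visible hunks.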
@@ -25,7 +25,7 @@ fi
IDENT=hpfeeds-logger-arcsight
SECRET=`python -c 'import uuid;print str(uuid.uuid4()).replace("-","")'`
CHANNELS='amun.events,dionaea.connections,dionaea.capture,glastopf.events,beeswarm.hive,kippo.sessions,conpot.events,snort.alerts,suricata.events,wordpot.events,shockpot.events,p0f.events'
CHANNELS='amun.events,dionaea.connections,dionaea.capture,glastopf.events,beeswarm.hive,kippo.sessions,conpot.events,snort.alerts,suricata.events,wordpot.events,shockpot.events,p0f.events,elastichoney.events'
cat > /opt/hpfeeds-logger/arcsight.json <<EOF
{
@@ -45,7 +45,8 @@ cat > /opt/hpfeeds-logger/arcsight.json <<EOF
"suricata.events",
"wordpot.events",
"shockpot.events",
"p0f.events"
"p0f.events",
"elastichoney.events"
],
"log_file": "/var/log/mhn/mhn-arcsight.log",
"formatter_name": "arcsight"
@@ -25,7 +25,7 @@ fi
IDENT=hpfeeds-logger-splunk
SECRET=`python -c 'import uuid;print str(uuid.uuid4()).replace("-","")'`
CHANNELS='amun.events,dionaea.connections,dionaea.capture,glastopf.events,beeswarm.hive,kippo.sessions,conpot.events,snort.alerts,suricata.events,wordpot.events,shockpot.events,p0f.events'
CHANNELS='amun.events,dionaea.connections,dionaea.capture,glastopf.events,beeswarm.hive,kippo.sessions,conpot.events,snort.alerts,suricata.events,wordpot.events,shockpot.events,p0f.events,elastichoney.events'
cat > /opt/hpfeeds-logger/splunk.json <<EOF
{
@@ -45,7 +45,8 @@ cat > /opt/hpfeeds-logger/splunk.json <<EOF
"suricata.events",
"wordpot.events",
"shockpot.events",
"p0f.events"
"p0f.events",
"elastichoney.events"
],
"log_file": "/var/log/mhn/mhn-splunk.log",
"formatter_name": "splunk"
@@ -20,7 +20,7 @@ chmod 755 -R .
IDENT=mnemosyne
SECRET=`python -c 'import uuid;print str(uuid.uuid4()).replace("-","")'`
CHANNELS='amun.events,conpot.events,thug.events,beeswarm.hive,dionaea.capture,dionaea.connections,thug.files,beeswarn.feeder,cuckoo.analysis,kippo.sessions,glastopf.events,glastopf.files,mwbinary.dionaea.sensorunique,snort.alerts,wordpot.events,p0f.events,suricata.events,shockpot.events'
CHANNELS='amun.events,conpot.events,thug.events,beeswarm.hive,dionaea.capture,dionaea.connections,thug.files,beeswarn.feeder,cuckoo.analysis,kippo.sessions,glastopf.events,glastopf.files,mwbinary.dionaea.sensorunique,snort.alerts,wordpot.events,p0f.events,suricata.events,shockpot.events,elastichoney.events'
cat > /opt/mnemosyne/mnemosyne.cfg <<EOF
[webapi]
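Review bot: The rewritten `CHANNELS` line still carries `beeswarn.feeder`, which looks like a misspelling given `beeswarm.hive` earlier in the same list. If the publisher actually uses `beeswarm.feeder`, this consumer is never subscribed to it and those events are lost silently. Since the line is being edited anyway, confirm the intended channel name and, if it is a typo, change the entry to `beeswarm.feeder`. The places where `CHANNELS` is consumed are outside the hunk.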
