Merge pull request #12 from honeynet/sync-with-tpot

Sync with tpot
honeynet · Jan 19, 2024 · c0c7cac · c0c7cac
2 parents 3fc0fc5 + 053cad4
commit c0c7cac
Show file tree

Hide file tree

Showing 5 changed files with 46 additions and 16 deletions.
diff --git a/.travis.yml b/.travis.yml
diff --git a/README.md b/README.md
@@ -93,6 +93,14 @@ Use this variable to specify what version of filebeat you would like to use. The
   roles:
     - ansible-role-tpotce
 ```
+## Special Thanks
+
+<p>This project is supported by:</p>
+<p>
+  <a href="https://www.digitalocean.com/">
+    <img src="https://opensource.nyc3.cdn.digitaloceanspaces.com/attribution/assets/SVG/DO_Logo_horizontal_blue.svg" width="201px">
+  </a>
+</p>
 
 ## License
 

diff --git a/templates/logrotate/logrotate.conf.j2 b/templates/logrotate/logrotate.conf.j2
@@ -7,29 +7,35 @@
 /data/cowrie/log/cowrie.json
 /data/cowrie/log/cowrie-textlog.log
 /data/cowrie/log/lastlog.txt
+/data/ddospot/log/*.log
 /data/dicompot/log/dicompot.log
 /data/dionaea/log/dionaea.json
 /data/dionaea/log/dionaea.sqlite
 /data/dionaea/dionaea-errors.log
 /data/elasticpot/log/elasticpot.log
 /data/elasticpot/log/elasticpot.json
 /data/elk/log/*.log
+/data/endlessh/log/*.log
 /data/fatt/log/fatt.log
 /data/glutton/log/*.log
 /data/glutton/log/*.err
+/data/hellpot/log/*.log
 /data/heralding/log/*.log
 /data/heralding/log/*.csv
 /data/heralding/log/*.json
+/data/honeypots/log/*.log
 /data/honeypy/log/*.log
 /data/honeysap/log/*.log
 /data/honeytrap/log/*.log
 /data/honeytrap/log/*.json
 /data/ipphoney/log/*.json
+/data/log4pot/log/*.log
 /data/mailoney/log/*.log
 /data/medpot/log/*.log
 /data/nginx/log/*.log
 /data/p0f/log/p0f.json
 /data/rdpy/log/rdpy.log
+/data/redishoneypot/log/*.log
 /data/suricata/log/*.log
 /data/suricata/log/*.json
 /data/tanner/log/*.json

diff --git a/templates/tpot/tpot.yml.j2 b/templates/tpot/tpot.yml.j2
@@ -51,6 +51,9 @@ networks:
 {% if "tanner" in honeypot_list %}
   tanner_local:
 {% endif %}
+{% if "log4pot" in honeypot_list %}
+  log4pot_local:
+{% endif %}
 {% if "ewsposter" in honeypot_list %}
   ewsposter_local:
 {% endif %}
@@ -558,6 +561,25 @@ services:
      - tanner
 {% endif %}
 
+{% if "log4pot" in honeypot_list %}
+# Log4pot service
+  log4pot:
+    container_name: log4pot
+    restart: always
+    networks:
+     - log4pot_local
+    ports:
+     - "80:8080"
+     - "443:8080"
+     - "8080:8080"
+     - "9200:8080"
+    image: "dtagdevsec/log4pot:2006"
+    read_only: true
+    volumes:
+     - /data/log4pot/log:/var/log/log4pot/log
+     - /data/log4pot/payloads:/var/log/log4pot/payloads
+{% endif %}
+
 ##################
 #### NSM
 ##################

diff --git a/vars/main.yml b/vars/main.yml
@@ -100,6 +100,10 @@ DIRECTORYLIST:
   - /data/cowrie/keys/
   - /data/cowrie/misc/
   - /data/cowrie/log/tty/
+  - /data/ddospot/bl
+  - /data/ddospot/db
+  - /data/ddospot/log
+  - /data/dicompot/images
   - /data/dicompot/log
   - /data/dionaea/log
   - /data/dionaea/bistreams
@@ -112,22 +116,28 @@ DIRECTORYLIST:
   - /data/elasticpot/log
   - /data/elk/data
   - /data/elk/log
+  - /data/endlessh/log
   - /data/fatt/log
   - /data/honeytrap/log/
   - /data/honeytrap/attacks/
   - /data/honeytrap/downloads/
   - /data/glutton/log
+  - /data/hellpot/log
   - /data/heralding/log
+  - /data/honeypots/log
   - /data/honeypy/log
   - /data/honeysap/log
   - /data/ipphoney/log
+  - /data/log4pot/log
+  - /data/log4pot/payloads
   - /data/mailoney/log
   - /data/medpot/log
   - /data/nginx/log
   - /data/nginx/heimdall
   - /data/emobility/log
   - /data/ews/conf
   - /data/rdpy/log
+  - /data/redishoneypot/log
   - /data/spiderfoot
   - /data/suricata/log
   - /data/tanner/log