anti
3e98c71ca4
Core CLI, service plugins (SSH/SMB/FTP/HTTP/RDP), Docker Compose orchestration, MACVLAN networking, and Logstash log forwarding. Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
27 lines
549 B
Django/Jinja
27 lines
549 B
Django/Jinja
[honeypot]
|
|
hostname = {{ COWRIE_HOSTNAME | default('svr01') }}
|
|
listen_endpoints = tcp:2222:interface=0.0.0.0
|
|
|
|
[ssh]
|
|
enabled = true
|
|
listen_endpoints = tcp:2222:interface=0.0.0.0
|
|
|
|
{% if COWRIE_LOG_HOST is defined and COWRIE_LOG_HOST %}
|
|
[output_jsonlog]
|
|
enabled = true
|
|
logfile = cowrie.json
|
|
|
|
[output_localsocket]
|
|
enabled = false
|
|
|
|
# Forward JSON events to SIEM/aggregator
|
|
[output_tcp]
|
|
enabled = true
|
|
host = {{ COWRIE_LOG_HOST }}
|
|
port = {{ COWRIE_LOG_PORT | default('5140') }}
|
|
{% else %}
|
|
[output_jsonlog]
|
|
enabled = true
|
|
logfile = cowrie.json
|
|
{% endif %}
|