Files
DECNET/templates/cowrie/cowrie.cfg.j2
anti 3e98c71ca4 Initial commit: DECNET honeypot/deception network framework
Core CLI, service plugins (SSH/SMB/FTP/HTTP/RDP), Docker Compose
orchestration, MACVLAN networking, and Logstash log forwarding.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-03 18:56:25 -03:00

27 lines
549 B
Django/Jinja

[honeypot]
hostname = {{ COWRIE_HOSTNAME | default('svr01') }}
listen_endpoints = tcp:2222:interface=0.0.0.0
[ssh]
enabled = true
listen_endpoints = tcp:2222:interface=0.0.0.0
{% if COWRIE_LOG_HOST is defined and COWRIE_LOG_HOST %}
[output_jsonlog]
enabled = true
logfile = cowrie.json
[output_localsocket]
enabled = false
# Forward JSON events to SIEM/aggregator
[output_tcp]
enabled = true
host = {{ COWRIE_LOG_HOST }}
port = {{ COWRIE_LOG_PORT | default('5140') }}
{% else %}
[output_jsonlog]
enabled = true
logfile = cowrie.json
{% endif %}