Send Email Alerts from T-Pot


I have been running T-Pot honeypots for a while, but find I need to watch for intrusions being detected.

[login to view URL]

If I could get an email alert send when a Honeypot detects an intrusion, it would mean it becomes an automated alarm.

The T-Pot system containerises the honeypots and the ElasticSearch system. So cannot directly edit the files.

Instructions suggest modifying [login to view URL] - but not how.

[login to view URL]

[login to view URL]

--Also Management, Elastic Search, Watcher

Create threshold alert

There is an Email setting, but reports Disabled. Configure elasticsearch.yml.

There are lots a hits from Suricata and P0F

So, only need to trigger an alert when the following

type:"Adbhoney" OR type:"Ciscoasa" OR type:"CitrixHoneypot" OR type:"ConPot" OR type:"Cowrie" OR type:"Dionaea" OR type:"ElasticPot" OR type:"Glastopf" OR type:"Glutton" OR type:"Heralding" OR type:"Honeypy" OR type:"Honeytrap" OR type:"Mailoney" OR type:"Medpot" OR type:"Rdpy" OR type:"Tanner"

have occured.

Skills: Linux, Docker, Elasticsearch

See more: send email form post asp, submit doesnt send email, flash send email, send email people, php login exchange send email password, perl send email script database, send email notification event triggered sharepoint, mysql send email via trigger, phpbb send email users post, javascript functions send email, send email php coder, send email 1000 contacts, send email morning 900 using cnet windows service, email alerts mt4, send email automatically, chronoforms doesn`t send email, asp net send email alerts days, send email alerts post made php mysql

About the Employer:
( 0 reviews ) Plymouth, United Kingdom

Project ID: #26237386

1 freelancer is bidding on average £200 for this job


Would you like to give me a chance. One month ago, I setup a network of HoneyPot, Firewall, Web server and Snort for my client. So at that time I worked with T-Pot. I will be looking for forward to your message.

£200 GBP in 5 days
(0 Reviews)