
Comments (4)

influx6 commented on June 12, 2024

We need to implement a new Event API which will be called appropriately in different areas of code to deliver event details which will be sent to pushers for delivery to their respective channels. These Event types must also have a textual representation suitable for logging.

We have the following events:

  • honeytrap global events, like starting and stopping, starting containers, stopping containers
  • specific session events, like ssh session start, login etc
  • data (like files, packet logs, etc)

I think 1+2 can be fit within the event API.

from honeytrap.

influx6 commented on June 12, 2024

All events will be sent as part of the Data field of the PushMessage type, as PushMessage will be the de facto means by which all messages are delivered and pushed by channels.

We will also be removing the RecordPush and the Record API, as this has been superseded by the PushMessage and Pusher API.


influx6 commented on June 12, 2024

To allow more flexibility in how we filter messages to specific channels, we will need to allow duplicate channels based on giving keyed values. This will allow us, for example, to have multiple Slack backends that deliver messages to different channels of the same or different Slack groups.

Backends with no key value will have the default name of the backend used (no duplicates will be allowed, and a panic will occur if one is found).

[[backend.honeytrap]]
host = "http://api.honeytrap.io/"
token = "b0b6e462-ef0b-11e6-abc7-0fb6247f5820"

[[backend.slack]]
key = "slack.1"
host = "https://hooks.slack.com/services/"
token = "blabla"

[[backend.slack]]
key = "slack.2"
host = "https://hooks.slack.com/services/"
token = "boooosd43433oa"

[[channel]]
backend = ['honeytrap', 'slack.2']
events = ['*']
categories = ['ping']
sensors = ['ssh', 'http']

[[channel]]
backend = ['slack.1', 'honeytrap', 'elasticsearch']
events = ['reads*']
categories = ['ping']
sensors = ['http']

from honeytrap.
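The naming and routing rules from the comment above, as an added example; this is not honeytrap's code and not part of the thread. All type and function names are hypothetical. Assumptions: a duplicate name is returned as an error instead of a panic, a channel applies only when its events, categories and sensors filters all match, patterns follow Go's path.Match, and a backend name with no matching backend table (such as 'elasticsearch' in the config above) is skipped.

```go
package main

import "fmt"
import "path"

type Backend struct{ Type, Key string } // one [[backend.<type>]] table; Key is optional
type Channel struct{ Backends, Events, Categories, Sensors []string }
type Event struct{ Type, Category, Sensor string } // assumed shape of an event

func Index(bs []Backend) (map[string]Backend, error) {
	idx := map[string]Backend{}
	for _, b := range bs {
		if b.Key == "" {
			b.Key = b.Type // no key: the backend type is the default name
		}
		if _, dup := idx[b.Key]; dup { // the comment proposes a panic; an error is returned here
			return nil, fmt.Errorf("duplicate backend name %q", b.Key)
		}
		idx[b.Key] = b
	}
	return idx, nil
}

func matchAny(globs []string, v string) (hit bool) { // glob rules of path.Match (assumed)
	for _, g := range globs {
		ok, _ := path.Match(g, v)
		hit = hit || ok
	}
	return hit
}

func Route(idx map[string]Backend, chs []Channel, ev Event) map[string]bool {
	out := map[string]bool{} // set: a backend named by two matching channels is listed once
	for _, c := range chs { // assumed: a channel applies only if all three filters match
		if matchAny(c.Events, ev.Type) && matchAny(c.Categories, ev.Category) && matchAny(c.Sensors, ev.Sensor) {
			for _, n := range c.Backends {
				if _, ok := idx[n]; ok { // names with no backend table are skipped
					out[n] = true
				}
			}
		}
	}
	return out
}

func main() {
	idx, err := Index([]Backend{{"honeytrap", ""}, {"slack", "slack.1"}, {"slack", "slack.2"}})
	ch := Channel{[]string{"slack.1", "honeytrap", "elasticsearch"}, []string{"reads*"}, []string{"ping"}, []string{"http"}}
	fmt.Println(Route(idx, []Channel{ch}, Event{"reads.body", "ping", "http"}), err) // constructed event
}
```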

influx6 commented on June 12, 2024

Currently the last PR adjusted the details we needed for the new channel and event API. If we feel we need to have more changes added or the criteria of this PR were not met, then we will reopen the issue.

