Comments (6)
Response to Questions
- Will it be exposed over a HTTP based API?
Yes, we will be exposing the frontend over a http API.
what we want is to start with a simple frontend
[11:07]
where we can show some info like honeycast
[11:07]
so last sessions, durations etc
[11:07]
this is information we gathered using the channels
The API will be exposed over a /api
route which allows us to easily interface with the honeytrap backend.
from honeytrap.
Initial Thoughts:
-
Should we have the API glean from all individual channels we are using or create a specific channel which retrieves specific messages, events to be stored?
-
Should we initially use an embedded DB to store this data and serve them over endpoints on calls to the API?
Embedded DB: Boltdb (https://github.com/boltdb/bolt)
Expose Sample API:
/events - Returns all slice of all events we wish to have stored by API
/sessions - Returns a struct which contains a slice of PushMessage and session related
events for the api.
from honeytrap.
Though I do wonder if the Event
is more than enough for it, has the PushMessage
might contain data related to network or tarred container data. Hence making them an un-necessary overweight, but events keeping just the details we need. (Start, stop, details).
Ah, to my code, we can just stick with PushMessages
, has the Event
system sends a PushMessage when called to deliver an event.
from honeytrap.
Also we want to be able to filter them in the frontend, so you can enable or disable certain events youβre not interested in.
from honeytrap.
From the above discussion we can note the following:
- Stick entirely to
PushMessage
created by Events. - Expose two endpoints:
/session
and/events
. - Expose API ability to return filtered results based on received events on API (based on params).
from honeytrap.
We have decided that for a more broader scope on request for the HTTP API, we will be using this format to make requests for the HTTP headers, to allow us easily tailor response to those items we wish to filter.
// EventResponse defines a struct which is sent a request type used to respond to
// given requests.
type EventResponse struct {
ResponsePerPage int `json:"responser_per_page"`
Page int `json:"page"`
Events []message.Event `json:"events"`
}
// EventRequest defines a struct which receives a request type used to retrieve
// given requests type.
type EventRequest struct {
ResponsePerPage int `json:"responser_per_page"`
Page int `json:"page"`
TypeFilters map[string]bool `json:"types"`
SensorFilters map[string]bool `json:"sensors"`
}
from honeytrap.
Related Issues (20)
- Problem in build honeytrap
- Build is broken due to honeytrap/netstack being outdated? HOT 2
- Rabbit MQ 14:52:04.894 honeytrap/server dial tcp [::1]:5672: connect: connection refused HOT 6
- SSH simulator run commands HOT 3
- SSH simulator vs ssh jail
- How do I filter a trusted IP?
- Can't start honeytrap
- Honeytrap source install on Centos 7 HOT 3
- Help with registering a new service HOT 2
- log file timeout? HOT 1
- Events from HoneyTrap to ELK (standalone) HOT 2
- Docker compose ES keeps exiting with code 1 HOT 1
- Start ftp service as passive instead of active HOT 2
- JA3 Fingerprint issue HOT 1
- Protocols Don't work HOT 3
- icmp protocol?
- can't connect elasticsearch
- can't test https connections HOT 1
- Honey related
- Log HTTP HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from honeytrap.