move log/ttylog and download directories

2026-01-31 12:04:24 +01:00 · 2016-11-14 11:01:10 +04:00
parent a1c3cfea0a
commit 0451ee5e6b
6 changed files with 17 additions and 12 deletions
--- a/bin/cowrie
+++ b/bin/cowrie
@@ -45,9 +45,9 @@ cowrie_start() {
    echo "Starting cowrie with extra arguments [$XARGS] ..."
    if [ $AUTHBIND_ENABLED = "no" ]
    then
-        twistd $XARGS -l log/cowrie.log --umask 0077 --pidfile ${PIDFILE} cowrie
+        twistd $XARGS -l ${LOGFILE} --umask 0077 --pidfile ${PIDFILE} cowrie
    else
-        authbind --deep twistd $XARGS -l log/cowrie.log --umask 0077 --pidfile cowrie.pid cowrie
+        authbind --deep twistd $XARGS -l ${LOGFILE} --umask 0077 --pidfile ${PIDFILE} cowrie
    fi
 }

@@ -78,6 +78,7 @@ find_cowrie_directory $0
 cd ${COWRIEDIR}
 export PYTHONPATH=${PYTHONPATH}:${COWRIEDIR}
 PIDFILE=var/run/cowrie.pid
+LOGFILE="var/log/cowrie/cowrie.log"
 set -e

 key=$1
--- a/cowrie/insults/insults.py
+++ b/cowrie/insults/insults.py
@@ -29,7 +29,7 @@ class LoggingServerProtocol(insults.ServerProtocol):
        self.bytesReceived = 0
        self.interactors = []

-        self.ttylogPath = cfg.get('honeypot', 'log_path')
+        self.ttylogPath = cfg.get('honeypot', 'ttylog_path')
        self.downloadPath = cfg.get('honeypot', 'download_path')

        try:
@@ -54,7 +54,7 @@ class LoggingServerProtocol(insults.ServerProtocol):
        transportId, channelId = self.getSessionId()

        self.startTime = time.time()
-        self.ttylogFile = '%s/tty/%s-%s-%s%s.log' % \
+        self.ttylogFile = '%s/%s-%s-%s%s.log' % \
            (self.ttylogPath, time.strftime('%Y%m%d-%H%M%S'),
            transportId, channelId, self.type)
        ttylog.ttylog_open(self.ttylogFile, self.startTime)
--- a/etc/cowrie.cfg.dist
+++ b/etc/cowrie.cfg.dist
@@ -25,14 +25,20 @@ hostname = svr04

 # Directory where to save log files in.
 #
-# (default: log)
-log_path = log
+# (default: var/log/cowrie)
+log_path = var/log/cowrie


 # Directory where to save downloaded artifacts in.
 #
-# (default: dl)
-download_path = dl
+# (default: var/lib/dl)
+download_path = var/lib/dl
+
+
+# Directory where to save tty logfiles in.
+#
+# (default: var/lib/ttylog)
+ttylog_path = var/lib/ttylog


 # Directory where virtual file contents are kept in.
@@ -250,7 +256,7 @@ enabled = true
 [telnet]

 # Enable Telnet support, disabled by default
-enabled = false
+enabled = true

 # IP addresses to listen for incoming Telnet connections.
 #
@@ -302,7 +308,7 @@ enabled = false
 # JSON based logging module
 #
 [output_jsonlog]
-logfile = log/cowrie.json
+logfile = var/log/cowrie/cowrie.json


 # Supports logging to Elasticsearch
--- a/log/tty/.gitignore
+++ b/log/tty/.gitignore
@@ -1,2 +0,0 @@
-*
-!.gitignore
--- a/var/lib/dl/.gitignore
+++ b/var/lib/dl/.gitignore
--- a/var/lib/ttylog/.gitignore
+++ b/var/lib/ttylog/.gitignore