UI for events from Glutton, events streamed live from a development instance.
Any publicly available IP address is under a constant barrage of attacks. We want to identify trends and attacks which are interesting for honeypot development. The majority of events are internet background noise, so we need to be able to identify truly new events worth investigating. Threats are happening in real time and we don't scale to preserve history. We work on a live stream with the requirement to be able to easily filter and classify events which are interesting. Eventually we want to be able to enabled to quickly react to new trends, improve our sensors to collect valuable information.
If you have
makecommand working in your system and gotgcc compilerinstalled already, you can directly jump to point 2.
- Follow the steps mentioned here
- Go to your downloaded
ochifolder, run commandgo envand check if your go environment haveCGO_ENABLED="1"or not, if not then make appropriate changes in your system to haveCGO_ENABLED="1".
- Clone the repo
git clone https://github.com/honeynet/ochi.git - run
cd ochi - run
npm install
comment the dial() and uncomment the test() in src/App.svelte- run
npm run dev - Go to
http://localhost:8080in your browser.
- To build the project, run
make build - To start a local server, run
make local - Go to
localhost:3000in your browser - To generate fake events, follow frontend development's step 1.
- Start Ochi server with
make build && make local - Build Glutton server
- Update the Glutton config to include:
- Start Glutton server.
- Open http://localhost:3000 and you should see Glutton events if everything is working as expected.
- If you are uncommenting
test()and commentingdial(), please revert it back to its original state before generating PRs. - In case you are still facing any issue while setup, feel free to ask in discussion.