Skip to content

Latest commit

 

History

History
8 lines (5 loc) · 834 Bytes

ReadMe.md

File metadata and controls

8 lines (5 loc) · 834 Bytes

TPOT-Honeypot-App

A Splunk App To Visualize the T-Mobile's TPOT Honeypot data

The T-Pot Honeypot is a virtual machine with multiple Honeypots created by T-Mobile, combining existing honeypots (glastopf, kippo, honeytrap and dionaea) with the network IDS/IPS suricata, and T-Mobile's own data submission ewsposter which now also supports hpfeeds honeypot data sharing. For more information on T-Pot please see http://dtag-dev-sec.github.io/mediator/feature/2015/03/17/concept.html.

The T-Mobile T-Pot Honeypot App contains dashboard visualizations for the T-Mobile T-Pot Honeypot Technical Add-on located here: https://splunkbase.splunk.com/app/4339/

Install this app on your Splunk Search Heads and change the "tpotindex" macro to point to the proper index that your T-Pot Honeypot data is saved if changed from the tpot index.