UI for events from Glutton, events streamed live from a development instance.
Any publicly available IP address is under a constant barrage of attacks. We want to identify trends and attacks which are interesting for honeypot development. The majority of events are internet background noise, so we need to be able to identify truly new events worth investigating. Threats are happening in real time and we don't scale to preserve history. We work on a live stream with the requirement to be able to easily filter and classify events which are interesting. Eventually we want to be able to enabled to quickly react to new trends, improve our sensors to collect valuable information.
If you have
make
command working in your system and gotgcc compiler
installed already, you can directly jump to point 2.
- Follow the steps mentioned here
- Go to your downloaded
ochi
folder, run commandgo env
and check if your go environment haveCGO_ENABLED="1"
or not, if not then make appropriate changes in your system to haveCGO_ENABLED="1"
.
- Clone the repo
git clone https://github.com/honeynet/ochi.git
- run
cd ochi
- run
npm install
comment the dial() and uncomment the test() in src/App.svelte
- run
npm run dev
- Go to
http://localhost:8080
in your browser.
- To build the project, run
make build
- To start a local server, run
make local
- Go to
localhost:3000
in your browser - To generate fake events, follow frontend development's step 1.
- Start Ochi server with
make build && make local
- Build Glutton server
- Update the Glutton config to include:
- Start Glutton server.
- Open http://localhost:3000 and you should see Glutton events if everything is working as expected.
- If you are uncommenting
test()
and commentingdial()
, please revert it back to its original state before generating PRs. - In case you are still facing any issue while setup, feel free to ask in discussion.