====== Downloads ======

Soon we make the VM images available for download here.

===== Warden connectors =====

These connectors serve as output/ihandler plugins which output honeypot events as [[https://idea.cesnet.cz/|IDEA]] event files to a directory specified in their configuration files.

They are created to work in tandem with our [[https://warden.cesnet.cz/en/participation|Warden Filer]] (hence the name), and so they expect the existence of the following directory structure:

    * ''tmp'' -- here, the event is created.
    * ''incoming'' -- after the event is created and completed in ''tmp'', it is then atomically moved here. Warden Filer then picks files up from this directory.
    * ''errors'' -- when an error in parsing, validation, or sending occurs, Warden Filer moves the event here.

==== Cowrie ====

**Current version (master):** [[https://gitlab.cesnet.cz/713/warden/warden-connectors/-/raw/master/cowrie/wardenfiler.py|wardenfiler.py]]

**Installation:**

    - [[https://docs.cowrie.org/en/latest/INSTALL.html|Install Cowrie]] into the ''$COWRIE_DIR'' directory.
    - Download and save ''wardenfiler.py'' to the ''$COWRIE_DIR/src/cowrie/output'' directory.
    - Configure the connector using the ''$COWRIE_DIR/etc/cowrie.cfg'' file - create the ''[output_wardenfiler]'' section and insert the configuration as shown in the [[https://gitlab.cesnet.cz/713/warden/warden-connectors/-/blob/master/cowrie/cowrie.cfg.example?ref_type=heads#L87|example ''cowrie.cfg'']].
    - Once started, Cowrie should start producing events to the directory specified in the ''[output_wardenfiler]'' section, ''output_dir'' key. At least the subdirectories ''tmp'' and ''incoming'' need to exist in this directory, and Cowrie must be granted R/W permissions to these.

==== Dionaea ====

**Current version (master):** [[https://gitlab.cesnet.cz/713/warden/warden-connectors/-/raw/master/dionaea/log_wardenfiler.py|log_wardenfiler.py]]

**Installation from the source distribution:**

    - Download the Dionaea source code to the ''$DIO_DIR'' directory.
    - Download and save ''log_wardenfiler.py'' to the ''$DIO_DIR/modules/python/dionaea'' directory.
    - [[https://dionaea.readthedocs.io/en/latest/installation.html#from-source|Build Dionaea]].
    - Configure the connector - put the configuration in ''$DIO_DIR/etc/dionaea/ihandlers-available/log_wardenfiler.yaml''. [[https://gitlab.cesnet.cz/713/warden/warden-connectors/-/blob/master/dionaea/log_wardenfiler.yaml.example|Example ''log_wardenfiler.yaml'' is available]].
    - In ''$DIO_DIR/etc/dionaea/ihandlers-enabled'', create a symlink: ''ln -s ../ihandlers-available/log_wardenfiler.yaml log_wardenfiler.yaml''
    - Once started, Dionaea should start producing events to the directory specified in the configuration file, key ''config.output_dir''. At least the subdirectories ''tmp'' and ''incoming'' need to exist in this directory, and Dionaea must be granted R/W permissions to these.



===== Helper scripts and utilities =====

[[cs:virtualbox-import|Example script]] for importing VM images to VirtualBox.