Created February 15, 2020 12:40
Script to pull honeypot PCAP data into Moloch
#!/bin/bash
## Please insert the appropriate User and IP address values
## You may also need to edit the path to where your PCAPs
## exist on the remote system
echo ===== Pulling remote pcap data
## The remote source is quoted so the wildcards are expanded on the
## remote host rather than by the local shell
rsync -a "<USER>@<IP>:/data/rdp.*.pcap*" /data/pcap/
echo rsync exit code: $?
## This script is available at:
## https://github.com/piesecurity/docker-moloch/blob/master/scripts/moloch-parse-pcap-folder.sh
echo ===== Processing new pcaps
/data/moloch-parse-pcap-folder.sh
echo indexer exit code: $?