mushorg / conpot

ICS/SCADA honeypot
GNU General Public License v2.0
1.21k stars 409 forks

Omit certain IP Address from logs? #581

Open KKAB-FK opened 1 year ago

KKAB-FK commented 1 year ago

Hi,

I have a Python script that "will" be running on the same host as Conpot and the script writes values to some Modbus registers! As a consequence these "register writes" are being logged and displayed as an "attack log" and being sent to my syslog server!

Is there a possibility to omit a certain IP from being logged?

Br Felix

glaslos commented 1 year ago

Unfortunately there is no feature for this, but it should be easy to add if you want to give it a try.

KKAB-FK commented 1 year ago

Could you give me a hint on where I should look? I've looked through all log-related code and could not find the right place in the files in order to do my change!

Br Felix

Neoshka1337 commented 1 year ago

> Hi,
>
> I have a Python script that "will" be running on the same host as Conpot and the script writes values to some Modbus registers! As a consequence these "register writes" are being logged and displayed as an "attack log" and being sent to my syslog server!
>
> Is there a possibility to omit a certain IP from being logged?
>
> Br Felix

I'm looking for the same functionality. Have you implemented this feature?

glaslos commented 1 year ago

Here when you get the event, check the source IP address and then skip the log processing.
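
One way to implement the check described in the comment above, as an added example that is not Conpot's own code and not part of the original thread. The event shape (a dict whose `remote` entry is an `(ip, port)` tuple), the ignore list and all function names are assumptions.

```python
import ipaddress
import queue

# Assumption: sources to leave out of the logs (here, a script on the honeypot host).
IGNORED_SOURCES = [ipaddress.ip_network(n) for n in ("127.0.0.1/32", "::1/128")]

# Constructed sample events; the "remote" (ip, port) shape is an assumption.
SAMPLE_EVENTS = [
    {"remote": ("127.0.0.1", 50212), "data_type": "modbus"},
    {"remote": ("203.0.113.7", 41822), "data_type": "modbus"},
    {"remote": ("::ffff:127.0.0.1", 50213), "data_type": "modbus"},
    {"remote": None, "data_type": "modbus"},
]


def source_ip(event):
    """Return the event's source address, or None if missing or unparsable."""
    remote = event.get("remote")
    try:
        addr = ipaddress.ip_address(remote[0])
    except (TypeError, IndexError, ValueError):
        return None
    # Compare IPv4-mapped IPv6 (::ffff:a.b.c.d) as the IPv4 address it carries.
    return getattr(addr, "ipv4_mapped", None) or addr


def is_ignored(event, ignored=IGNORED_SOURCES):
    addr = source_ip(event)
    # An event without a usable source address is still logged.
    return addr is not None and any(addr in net for net in ignored)


def drain(log_queue, sinks):
    """Pass queued events to each sink, skipping ignored sources.

    Returns (logged, skipped) so the amount of suppressed traffic stays visible.
    """
    logged = skipped = 0
    while True:
        try:
            event = log_queue.get_nowait()
        except queue.Empty:
            return logged, skipped
        if is_ignored(event):
            skipped += 1
            continue
        for sink in sinks:
            sink(event)
        logged += 1
```

Keep the ignore list as narrow as the script's actual source address; anything wider hides real traffic from the honeypot's logs.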

Neoshka1337 commented 1 year ago

> Here when you get the event, check the source IP address and then skip the log processing.

Thanks, I'll try :)

glaslos commented 4 months ago

@Neoshka1337 have you tried?

Neoshka1337 commented 4 months ago

@glaslos Unfortunately no, I was already running out of time to finish my thesis and didn't have time to test this feature :(