Open KKAB-FK opened 1 year ago
Unfortunately there is no feature for this, but it should be easy to add if you want to give it a try.
Could you give me a hint on where i should look? Ive looked through all log related code and could not find the right place in the files in order to do my change!
Br Felix
Hi,
I have a python script that "will" be running on the same host as Conpot and the script writes values to some Modbus registers! As a consequence this "register writes" are being logged and displayed as an "attack log" and being sent to my syslog server!
Is there a possibility to omit a certain IP from being logged?
Br Felix
Im looking for the same functionality. Have you implemented this feature?
Here when you get the event, check the source IP address and then skip the log processing.
Here when you get the event, check the source IP address and then skip the log processing.
Thanks, i'll try :)
@Neoshka1337 have you tried?
@glaslos Unfortunately no, I was already running out of time to finish my thesis and didn't have time to test this feature :(
Hi,
I have a python script that "will" be running on the same host as Conpot and the script writes values to some Modbus registers! As a consequence this "register writes" are being logged and displayed as an "attack log" and being sent to my syslog server!
Is there a possibility to omit a certain IP from being logged?
Br Felix