Small update on the xmpp-files-for-all feature mentioned previously.
There were some bugfixes and cleanups for receiving files via logxmpp.
Now, you can verify logxmpp works for you by starting dionaea with
/opt/dionaea/bin/dionaea -l all,-debug -L 'logxmpp'
it should end with something like:
[15052010 20:27:24] logxmpp dionaea/logxmpp.py:125: I am anonymous@sensors.carnivore.it/qtVuZyLM [15052010 20:27:27] logxmpp dionaea/logxmpp.py:315: trying to join anon-files@dionaea.sensors.carnivore.it/anonymous-qtVuZyLM [15052010 20:27:27] logxmpp dionaea/logxmpp.py:315: trying to join anon-events@dionaea.sensors.carnivore.it/anonymous-qtVuZyLM [15052010 20:27:28] logxmpp dionaea/logxmpp.py:341: logxmpp is online!
So, if you use it, update, if you do not use it yet, consider it an option.
2
use
/opt/dionaea/bin/python3 modules/python/util/readlogsqltree.py /opt/dionaea/var/dionaea/logsql.sqlite -t "strftime('%s','now','localtime')-2*24*3600" -d xmpp
files downloaded via xmpp indicate this by a logxmpp:// url.
and update once a week, sometimes there are meaningfull changes.
Hi Markus,
I have some question on using xmpp. I have enabled xmpp feature of 2 Dionaea sensor for 2 weeks and I find the log message state it was online.
But I can't find any sample sharing message as I saw in you blog
I also followed the blog http://g3nto.blogspot.com/2010/05/dionaea-new-xmpp-features-sample-live.html to use the PSI client to check and found both sensors were online but I do not able to see the sample sharing message as his blog content.
Is it I miss something or any trick required? Would you help me