hpfeeds-forwarder.env

# Defaults are here, but can be adjusted to customize the containers
# If a variable is commented out it should have sane defaults and you can safely ignore it

MONGODB_HOST=mongodb
MONGODB_PORT=27017

LOCAL_HPFEEDS_HOST=hpfeeds3
LOCAL_HPFEEDS_PORT=10000
LOCAL_HPFEEDS_IDENT=hpfeeds-forwarder
LOCAL_HPFEEDS_SECRET=
LOCAL_HPFEEDS_CHANNELS=amun.events,conpot.events,thug.events,beeswarm.hive,dionaea.capture,dionaea.connections,thug.files,beeswarm.feeder,cuckoo.analysis,kippo.sessions,cowrie.sessions,glastopf.events,glastopf.files,mwbinary.dionaea.sensorunique,snort.alerts,wordpot.events,p0f.events,suricata.events,shockpot.events,elastichoney.events,rdphoney.sessions,uhp.events,elasticpot.events,spylex.events

REMOTE_HPFEEDS_HOST=
REMOTE_HPFEEDS_PORT=20000
REMOTE_HPFEEDS_IDENT=
REMOTE_HPFEED_SECRET=

# Specify CIDR networks for which we should NOT submit to BHR
# Useful for not reporting any locally compromised hosts and prepopulated with RFC1918 addresses
IGNORE_CIDR="192.168.0.0/16,10.0.0.0/8,172.16.0.0/12"