This role is an ansible implementation of the t-pot installer script. It is limited to a sensor only configuration.

Use this variable to specify which t-pot honeypots you want deployed to the system. The default settings specify the following honeypots:

• ciscoasa
• adbhoney
• conpot
• cowrie
• dionaea
• honeypy
• glutton
• heralding
• mailoney
• medpot
• p0f
• rdpy
• suricata
• tanner
• fatt

You may choose from any of the following:

• ciscoasa
• adbhoney
• conpot
• cowrie
• dicompot
• dionaea
• elasticpot
• honeypy
• honeysap
• ipphoney
• glutton
• honeytrap
• heralding
• mailoney
• medpot
• p0f
• rdpy
• suricata
• tanner
• fatt
• citrixhoneypot

The glutton and honeytrap honeypots can't be used on the same system.

Use this variable to specify the number of days that logs are retained on the sensor. The default value is 30 days. Depending on the disk size of the honeypot and activity it receives, this value may require adjustment to prevent exhausting disk space.

If you would like to make use of filebeat to send your logs to logstash you need to run the honeynet/ansible-role-tpotce-filebeat role in addition to this one. You will need to add filebeat to the honeypot_list var.

Use this variable to specify what version of filebeat you would like to use. The following are supported.

- 7.12.0
- 7.11.2
- 7.11.1
- 7.11.0
- 7.10.1
- 7.10.0
- 7.9.3
- 7.9.2
- 7.9.1
- 7.9.0
- 7.8.1
- 7.8.0
- 7.7.1
- 7.7.0
- 7.6.2
- 7.6.1
- 7.5.2
- 7.4.2
- 7.3.2
- 7.2.1
- 7.1.1
- 7.0.1

- hosts: all
  become: true
  roles:
    - ansible-role-tpotce

This project is supported by:

The role is licensed under GPLv3