Threatmonitor Packet Analysis Suite - Docker Image HOWTO
To import example data.
mclient -u monetdb -d threatmonitor < threatmonitor-exampledata.sql
password same as username per monetdb default admin user setup.
Will also need to import the GeoIP Data.
The web interface admin login is admin - default password goblin
You will also need the GeoIP Data importing as well for the Web interface Dashboard to operate
mclient -u monetdb -d threatmonitor < geoip-import.sql
Web Interface
Your defaults file is the config.rb in the gem directory for now.
/home/<username>/config.rb
To Capture data:
thm-producer -m capture -i eth0
To Consume data into the Database
thm-consumer -r
For the RabbitMQ Admin 172.17.0.1:15672 - admin password goblin
Please note
gem install thm
To Keep everything upto date with the current release.
Have fun!
Brian Hood