Michel Oosterhof

Actually the name `interactive_timeout` was named that way because it's the timeout for interactive sessions, not a timeout for `exec` sessions which are single commands. But I understand this name...

Both the `cowrie.json` file and data sent to Splunk are sent using the same mechanism. It seems something is wrong there. When you run this without systemd, do you get...

So the log entries are going to standard out, which systemd then sends to the syslog files. But these should only be the text output, not the JSON output. Do...

That's very odd. The MySQL query actually gets triggered by the log message for 'cowrie.log.closed', and while you do see the log message, you don't see the SQL query. This...

You can probably enable AuthNone on the config file that will allow a login as well (but it'll just ignore the RSA key). It might be an idea to put...

Good one! I've been thinking about doing this in the past. What's needed though is a lot more infrastructure. First of all exit codes for processes (to exit successful or...

Regarding the echo -ne '\\x0181c46036\\x01' statement, Cowrie behaves differently from a normal bash shell, so that' needs looking into. On a normal system ```# echo -ne '\\x0181c46036\\x01' \x0181c46036\x01# ``` On...

Hi! I think this works as designed? How would you do it differently?

Do you mean the "umask" parameter we pass in bin/cowrie? I think that only works for the log file and not for anything else.. It doesn't change the process umask.

The JSON log is enabled, but it's failing. Which version of Cowrie are you using? Do you use the Docker image, a `git clone` or a release download?