When upgrading some honeypots, it was noticed that there were no logs in/srv/cowrie/var/lib/cowrie/tty/, even with the proper logging values set in /srv/cowrie/etc/cowrie.cfg.
Looking at the journal (journalctl -u cowrie -f --since "2 days ago"), the following error was noted:
configparser.InterpolationMissingOptionError: Bad value substitution: option 'processes' in section 'shell' contains an interpolation key 'honeypot:data_path' which is not a valid option name. Raw value: '${honeypot:data_path}/cmdoutput.json'
Commenting out the following lines in /srv/cowrie/etc/cowrie.cfg seem to have resolved the issue:
data_path =
filesystem =
processes =
This impacted overall command logging in Cowrie, which impacted TTY file generation. This wasn't consistent between honeypots. Some had these values set, some had them commented out and some did not have them at all.
When upgrading some honeypots, it was noticed that there were no logs in
/srv/cowrie/var/lib/cowrie/tty/, even with the proper logging values set in/srv/cowrie/etc/cowrie.cfg.Looking at the journal (journalctl -u cowrie -f --since "2 days ago"), the following error was noted:
configparser.InterpolationMissingOptionError: Bad value substitution: option 'processes' in section 'shell' contains an interpolation key 'honeypot:data_path' which is not a valid option name. Raw value: '${honeypot:data_path}/cmdoutput.json'Commenting out the following lines in
/srv/cowrie/etc/cowrie.cfgseem to have resolved the issue:This impacted overall command logging in Cowrie, which impacted TTY file generation. This wasn't consistent between honeypots. Some had these values set, some had them commented out and some did not have them at all.