Takuan is a system service that parses logs and detects noisy attackers in order to build a blacklist database of known cyber offenders.
Periodic reports are saved to this repository in CSV format for parsing. A bot is running as @cybertakuan and tweeting about new reports.
Install the configuration:
sudo mkdir -p /etc/takuan
sudo cp config.example.yml /etc/takuan/config.yml
Use your favorite editor to customize it, then you can build and start all the takuan services via
docker-compose:
sudo docker-compose build
sudo docker-compose up
Reports are saved on the host /var/log/takuan/reports and all events are available on a MySQL database running in
one of the container and persisting its data in /var/lib/takuan. A phpmyadmin is also available on http ://localhost:9090.
takuan is made with ♥ by evilsocket and it's released under the GPL 3
license.