Verification

A six-step smoke test to confirm the full path works: sink → ingest → control server → dashboard.

  1. https://<domain>/healthzok, with valid TLS.
  2. Sign in as the bootstrap admin; load System Setup.
  3. Create a postgresql tripwire; note its tw_… connection user.
  4. psql postgresql://tw_…:x@<honeypot_host>:5432/prod → auth failure (the trap fires).
  5. The trip appears in the dashboard / GET /admin/trips.
  6. (If using AD) configure LDAP and sign in as a domain user.
The Tripwires dashboard showing recorded trips

A recorded trip in the dashboard confirms the end-to-end path. deploy/e2e/run.sh automates steps 1–5 locally.

Operations

  • Logs — container logs (docker compose logs), or CloudWatch via the agent.
  • Updates — CI republishes the images → docker compose pull && up -d (or recreate the instance).
  • Admin access (AWS) — SSM Session Manager (no SSH; the sink owns port 22).
  • Secrets — SSM SecureString on AWS; .env / config.toml are gitignored.
Active Directory / LDAP