Delilah.ini

[notifications]
email: user@example.com				        ; there can be as many users or as few users as needed
email: user2@example.com			        ; simply add or remove "email:" entries as necessary

[emailacct]
username: reportingaccount@example.com		; login name for Delilah to log with to send email
password: youneedapassword					; password for the email account
server: smtp.example.com:587				; email server and port
from: reportingaccount@example.com			; the email address from which the notifications will arrive

[honeypot]
port: 9200									; port number to listen for Elasticsearch requests on. Default is 9200
statusURI: thisshouldbelongandsecret	; the URI to access when pulling events from Delilah's monitoring database. This must match DelilahMonitor.ini value for the node
clustername: clustername					; name of the cluster you are simulating
instancename: instancename					; name of the instance that will be reporting the response e.g "es-node1"
esversion: 1.4.1							; the version of Elasticsearch to report when asked
nodename: nodename							; usually a string of random looking letters to is unique for identifying the node
sensorIP: 192.168.1.1						; IP address of the external interface that is listening for the requests. This is reported by /_nodes
buildnumber: 89d3341						; The buildnumber of the Elasticsearch instance. 7 to 8 digit hex number is best
hostname: es-node1.example.com				; FQDN for the node
macaddress: 00:11:22:33:44:55				; MAC address of the fake listening NIC. Probably best not to use your real MAC here
totalcores: 16								; Number of cores listening. Used by /_nodes
totalsockets: 32							; Number of sockets available. Used by /_nodes


[data]
downloadtimeout: 30							; number of seconds to give a download event before failing
dbFile: esevents.sqlite						; the SQLite database to store events in