ELK Dashboard and Logstash parser for tcp-honeypot Logs
Last Updated: 2020-01-12 23:51:43 UTC
by Guy Bruneau (Version: 1)
In my last two diaries, I shared a Pihole parser and dashboard to collect and view its logs in Elastic. In this diary, I'm sharing another parser and dashboard to visualize the data collected by Didier's tcp-honeypot. This is a work in progress.
tcp-honeypot Log Analysis from Discover
tcp-honeypot Dashboard Summary
The tcp-honeypot parser file can be downloaded here and the dashboard JSON here.
Guy Bruneau IPSS Inc.
My Handler Page
gbruneau at isc dot sans dot edu
There's more on my https://www.minds.com/linuxgeek page too.
Jan 14th 2020