Section: Reports (1)
Return to Main Contents
kojreport-filter - Generate reports from the Kojoney Honeypot log files but filtering to lines matching an specified filter.
kojreport <log file> <filter> <traceroute> <nmap> <country>
Kojreport-filter is a shell script to generate plain text reports from the Kojoney Honeypot log files by filtering to lines matching an specified filter, such as one ip addressess, dates, etc...
The report will be generated only for lines matching the specified filter. This may be one ip address, date, etc...
Print the route packets take to network host. Possible values are 0 (disabled) and 1 (enabled).
Print nmap output take to network host. Possible values are 0 (disable) and 1 (enabled).
Resolve intruder's country using kip2country tool. Possible values are 0 (disable) and 1 (enabled).
The following are examples of how is the correct way to run the tool:
# kojreport-filter /var/log/honeypot.log '^2005/07/17' 0 0 1
Generates a normal report without traceroute and nmap output and without ip address to host resolution with the records in /var/log/honeypot that were generateds at 2005/07/17.
# kojreport-filter /var/log/honeypot.log '188.8.131.52' 0 0 1
Generates a normal report without traceroute and nmap output and without ip address to host resolution with the records in /var/log/honeypot that matches the ip address specified.
Jose Antonio Coret <email@example.com>
- SEE ALSO
This document was created by
using the manual pages.
Time: 20:33:45 GMT, August 11, 2005