kojreport-filter

Section: Reports (1)
Updated: 0.0.1
Index Return to Main Contents
 

NAME

kojreport-filter - Generate reports from the Kojoney Honeypot log files but filtering to lines matching an specified filter.  

SYNTAX

kojreport <log file> <filter> <traceroute> <nmap> <country>
 

DESCRIPTION

Kojreport-filter is a shell script to generate plain text reports from the Kojoney Honeypot log files by filtering to lines matching an specified filter, such as one ip addressess, dates, etc...  

OPTIONS

filter
The report will be generated only for lines matching the specified filter. This may be one ip address, date, etc...
traceroute
Print the route packets take to network host. Possible values are 0 (disabled) and 1 (enabled).
nmap
Print nmap output take to network host. Possible values are 0 (disable) and 1 (enabled).
country
Resolve intruder's country using kip2country tool. Possible values are 0 (disable) and 1 (enabled).
 

EXAMPLES

The following are examples of how is the correct way to run the tool:

# kojreport-filter /var/log/honeypot.log '^2005/07/17' 0 0 1

Generates a normal report without traceroute and nmap output and without ip address to host resolution with the records in /var/log/honeypot that were generateds at 2005/07/17.

# kojreport-filter /var/log/honeypot.log '61.75.4.142' 0 0 1

Generates a normal report without traceroute and nmap output and without ip address to host resolution with the records in /var/log/honeypot that matches the ip address specified.
 

FILES

/var/log/honeypot.log  

AUTHORS

Jose Antonio Coret <joxeankoret@yahoo.es>  

SEE ALSO

kip2country(1), kojreport(1)


 

Index

NAME
SYNTAX
DESCRIPTION
OPTIONS
EXAMPLES
FILES
AUTHORS
SEE ALSO

This document was created by man2html, using the manual pages.
Time: 20:33:45 GMT, August 11, 2005