kojreport-filter
Section: Reports (1)
Updated: 0.0.1
Index
Return to Main Contents
NAME
kojreport-filter - Generate reports from the Kojoney Honeypot log files but filtering to lines matching an specified filter.
SYNTAX
kojreport <log file> <filter> <traceroute> <nmap> <country>
DESCRIPTION
Kojreport-filter is a shell script to generate plain text reports from the Kojoney Honeypot log files by filtering to lines matching an specified filter, such as one ip addressess, dates, etc...
OPTIONS
- filter
-
The report will be generated only for lines matching the specified filter. This may be one ip address, date, etc...
- traceroute
-
Print the route packets take to network host. Possible values are 0 (disabled) and 1 (enabled).
- nmap
-
Print nmap output take to network host. Possible values are 0 (disable) and 1 (enabled).
- country
-
Resolve intruder's country using kip2country tool. Possible values are 0 (disable) and 1 (enabled).
EXAMPLES
The following are examples of how is the correct way to run the tool:
# kojreport-filter /var/log/honeypot.log '^2005/07/17' 0 0 1
-
Generates a normal report without traceroute and nmap output and without ip address to host resolution with the records in /var/log/honeypot that were generateds at 2005/07/17.
# kojreport-filter /var/log/honeypot.log '61.75.4.142' 0 0 1
-
Generates a normal report without traceroute and nmap output and without ip address to host resolution with the records in /var/log/honeypot that matches the ip address specified.
FILES
/var/log/honeypot.log
AUTHORS
Jose Antonio Coret <joxeankoret@yahoo.es>
SEE ALSO
kip2country(1), kojreport(1)
Index
- NAME
-
- SYNTAX
-
- DESCRIPTION
-
- OPTIONS
-
- EXAMPLES
-
- FILES
-
- AUTHORS
-
- SEE ALSO
-
This document was created by
man2html,
using the manual pages.
Time: 20:33:45 GMT, August 11, 2005