|

Computer Security

»

Graphic visualization of honeyd logs

View: New views

5 Messages — Rating Filter: Alert me

	Graphic visualization of honeyd logs by Leonardo Andrade-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message I tried search a tool for graphical visualization for honeyd 1.5c logs, but i only found honeyview (it seems outdated). Do you have any suggestion for graphical visualization of honeyd logs? Thanks in advance, Leonardo Andrade.
	Re: Graphic visualization of honeyd logs by Gergely Révay :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi, I found a tool a couple of weeks ago which might be useful for you: http://www.wallinfire.net/picviz an introduction: http://www.wallinfire.net/files/picviz-usenix-wasl2008.pdf It's a general idea for visualizing logs in parallel coordinates. I haven't tried it myself so if you find it useful please let me know. regards, Geri 2009/2/3 Leonardo Andrade <landrade@...>: > I tried search a tool for graphical visualization for honeyd 1.5c > logs, but i only found honeyview (it seems outdated). Do you have any > suggestion for graphical visualization of honeyd logs? > > Thanks in advance, > > Leonardo Andrade. >
	Re: Graphic visualization of honeyd logs by Joshua Gimer :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message What kinds of things are you wanting to see? I have a set of custom scripts that I wrote to create rrd graphs about connection statistics, as well as generating pie charts from honeystats data. I also have scripts to insert honeyd logs into a postgres or mysql database so they can be easily parsed, and some php and perl scripts that can be used for searching, archiving and generating statistics based off of this data. I would be more than willing to share if everyone would be interested? On Tue, Feb 3, 2009 at 11:19 AM, Leonardo Andrade <landrade@...> wrote: > I tried search a tool for graphical visualization for honeyd 1.5c > logs, but i only found honeyview (it seems outdated). Do you have any > suggestion for graphical visualization of honeyd logs? > > Thanks in advance, > > Leonardo Andrade. > -- Thx Joshua Gimer
	Re: Graphic visualization of honeyd logs by Joshua Gimer :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message After replying to this post I received around 15 emails from people interested in my scripts. I will tidy some things up with them and send them out to the list. Expect them within the coming week. (Feel free to contact me again if you have not heard back in that time frame, I get busy ;) On Tue, Feb 3, 2009 at 11:19 AM, Leonardo Andrade <landrade@...> wrote: > I tried search a tool for graphical visualization for honeyd 1.5c > logs, but i only found honeyview (it seems outdated). Do you have any > suggestion for graphical visualization of honeyd logs? > > Thanks in advance, > > Leonardo Andrade. > -- Thx Joshua Gimer
	Re: Graphic visualization of honeyd logs by Leonardo Andrade-3 :: Rate this Message: Reply to Author \| View Threaded \| Show Only this Message Hi everybody, sorry for delayed reply! Joshua wrote: >What kinds of things are you wanting to see? I have a set of custom >scripts that I wrote to create rrd graphs about connection statistics, >as well as generating pie charts from honeystats data. >I also have scripts to insert honeyd logs into a postgres or mysql >database so they can be easily parsed, and some php and perl scripts >that can be used for searching, archiving and generating statistics >based off of this data. > I would be more than willing to share if everyone would be interested? Yes, Joshua. I'm very interested in scripts like this (generating rrd, statistics, inserting in database, etc) . For now, it's just that i need. Can you send me it? Gergely wrote: >Hi, >I found a tool a couple of weeks ago which might be useful for you: >http://www.wallinfire.net/picviz >an introduction: >http://www.wallinfire.net/files/picviz-usenix-wasl2008.pdf >It's a general idea for visualizing logs in parallel coordinates. I >haven't tried it myself so if you find it useful please let me know. Hi, Gergely. I already saw the picviz page but i don't know nothing about visualization logs in parallel coordinates. But study this is in my list of pendencies. Compton wrote: >http://www.aditus.nu/jpgraph/ Hi, Compton. Thanks for the response but develop the web interface isn't my plan for now. And, even though, if the case, i would developer in Python because I have more intimacy with it (in comparison with my poor PHP skills). Raffael wrote: >Leonardo, > >Are you coming to KL in a couple of weeks? I will run a workshop on visualization and data analysis. It's really a custom-made >thing to visualize your logs. It depends what you want to see and such. Hi, Raffael. I'm in Brazil, KL seems so far. :) > >Have a look at secviz.org to get some ideas. I am happy to help with visualization, if you send me some logs and share what you >want to see in them. I thanks for your disposition in help. I already visited secviz.org by search about a things related with honeypots. Sincerely, my knowledge about security visualization approach is little and i will seek read your book before to use your help. This is more right. Congratulations for your book, the first pages was easy for reading. > > Raffael Cheers, Leonardo Andrade.