Honeypots mailing list archives

Re: Graphic visualization of honeyd logs


From: Leonardo Andrade <landrade () pop-es rnp br>
Date: Sun, 8 Feb 2009 23:45:12 -0200

Hi everybody, sorry for the delayed reply!

Joshua wrote:
What kinds of things are you wanting to see? I have a set of custom
scripts that I wrote to create rrd graphs about connection statistics,
as well as generating pie charts from honeystats data.
I also have scripts to insert honeyd logs into a postgres or mysql
database so they can be easily parsed, and some php and perl scripts
that can be used for searching, archiving and generating statistics
based off of this data.
I would be more than willing to share if everyone would be interested?

Yes, Joshua. I'm very interested in scripts like this (generating rrd,
statistics, inserting in database, etc.). For now, that's just what I
need. Can you send them to me?


Gergely wrote:
Hi,
I found a tool a couple of weeks ago which might be useful for you:
http://www.wallinfire.net/picviz
an introduction:
http://www.wallinfire.net/files/picviz-usenix-wasl2008.pdf
It's a general idea for visualizing logs in parallel coordinates. I
haven't tried it myself so if you find it useful please let me know.

Hi, Gergely. I already saw the picviz page, but I don't know anything
about visualizing logs in parallel coordinates. But studying this is on
my list of pending items.

Compton wrote:
http://www.aditus.nu/jpgraph/

Hi, Compton. Thanks for the response, but developing a web interface
isn't my plan for now. And even if it were, I would
develop it in Python because I am more familiar with it (in
comparison with my poor PHP skills).

Raffael wrote:
Leonardo,

Are you coming to KL in a couple of weeks? I will run a workshop on visualization and data analysis. It's really a custom-made thing to visualize your logs. It depends what you want to see and such.

Hi, Raffael. I'm in Brazil, KL seems so far. :)

Have a look at secviz.org to get some ideas. I am happy to help with visualization, if you send me some logs and share what you want to see in them.

Thank you for your willingness to help. I already visited secviz.org while
searching for things related to honeypots. Honestly, my knowledge
of the security visualization approach is small, and I will try to read
your book before making use of your help. That is more appropriate. Congratulations
on your book; the first pages were easy to read.

Raffael

Cheers,

Leonardo Andrade.

