Logging server

The logging server also consists of 2 parts, the database and a webinterface. The database is used to store the analysis information from the honeypot server. This information is presented to the users by a webinterface. Screenshots from the webinterface can be found here. The webinterface is used to keep track of the logging, but also the sensor status information. A secondary function of this server is the ability to send mails in response to the logging that is received.

Several features of the webinterface are:

  • Attack information
  • Downloaded binary information
  • Logging export to IDMEF
  • Remote control for the sensors
  • Traffic monitor
  • Advanced search engine for textual and graphical logging
 
global/logging_server.txt · Last modified: 2012/07/12 11:27 (external edit)
 
Recent changes RSS feed Creative Commons License Donate Powered by PHP Valid XHTML 1.0 Valid CSS Driven by DokuWiki