In my last two diaries, I shared a Pi-hole parser and dashboard to collect and view its logs in Elastic. In this diary, I’m sharing another parser and dashboard to visualize the data collected by Didier’s tcp-honeypot. This is a work in progress.
tcp-honeypot Log Analysis from Discover
tcp-honeypot Dashboard Summary
(c) SANS Internet Storm Center. https://isc.sans.edu Creative Commons Attribution-Noncommercial 3.0 United States License.