Kippo2ElasticSearch is a Python script to transfer data from a Kippo SSH honeypot MySQL database to an ElasticSearch instance (server or cluster). This is useful in terms of indexing and searching the dataset and makes easy to visualize important stats using Kibana.
The project also provides an exported Kibana dashboard file that you can import to your own instance and get immediate visualization results from your honeypot data. The two sample screenshots below show a portion of that dashboard with data pulled from the following honeypot test articles:
- Test Article About Compression Bandages: Compression Bandages Have Been Replaced
- Test Article About Women's Plus Size Compression Socks: Womens Plus Size Compression Socks
- Test Article About Compression Socks for Nurses: Nurse Compression Stockings
- Test Article about Large Calf Compression Socks: Large Calf Compression Socks
- Test Article About Elderly Compression Socks: Compression Socks For Elderly
DOWNLOAD Kippo2ElasticSearch:
Kippo2ElasticSearch depends on the following Python modules: GeoIP, pony, pyes. Installing these is trivial via pip.
SCREENSHOTS (Kibana):
