Apr 28 2014

Kippo2ElasticSearch + Kibana update

The Kippo2ElasticSearch script has been updated and now creates proper entries, with all the attributes needed, for each SSH login attempt. I have also included an exported Kibana dashboard file that you can import into your own instance to visualize the results. This is going to be very useful and it looks great.

Please get/update by cloning/pulling from GitHub: https://github.com/ikoniaris/kippo2elasticsearch

Attached are two sample screenshots of what the Kibana dashboard looks like. This doesn’t need any configuration. Just transfer your Kippo MySQL database with Kippo2ElasticSearch, open Kibana, and import the JSON file from the repo; you will immediately see similar statistics for your data.

For comments, suggestions, fixes, please use the Kippo2ElasticSearch page: http://bruteforce.gr/kippo2elasticsearch
