Cowralyze Logo

Cowralyze

0
Free
Visit Website

This project is about a Command Line Map-Reduce tool to analyze cowrie log files on remote servers / local folders over time and create a visualization and statistics of the data. The tool uses multiple log files <cowrie.json.YYYY-MM-DD> to create a cummulated information file and visualization from local or remote folder path, finally creating statistics about all the event changes over time. python3 cowralyze.py --help # shows available commands and a description for each command Furthermore there's the possibility to trace commands by session id or ip, as well as creating Sankey Command Chain Plots for specific log files. Motivation: This project was created in course of my Bachelor's Thesis: Longitudinal Analysis of SSH Honeypots. While a large number of honeypot related tools exist, they generally focus on high-level aggregated statistics and not about individual log anomalies. The aim of this project is to provide a tool to get a quick overview of the changes over time of possibly hundred's of cowrie honeypots. The stats.html provides the accumulated percentual changes over time, result.html provides the visualization across the no

FEATURES

ALTERNATIVES

Python library and command line tools for log visualization with interactive plots.

Free

An Event Hub to gather, process, and monitor system events and link them to an inventory.

Free

A community-led project focused on standardizing security event logs.

Free

A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.

Free

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

Free

Search AWS CloudWatch logs on the command line with aws-sdk-for-go.

Free

A collection of detections for Panther SIEM with detailed setup instructions.

Free

A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.

Commercial