Blocking IPs log from honeyd
Hi, I just wanted to ask where I could get a script or similar that can parse honeyd logs that contain detected IP addresses that are probing. The honeyd.log has these entries.
2007-09-18-06:10:23.4563 tcp(6) - 81.56.254.187 49857 xxx.xxx.xxx.xxx 9887: 60 S [Linux 2.6 ]
2007-09-18-06:20:39.7773 tcp(6) - 64.53.140.163 47515 xx.xxx.xxx.xxx 9887: 60 S [Linux 2.6 ]
2007-09-18-06:21:52.4131 udp(17) - 153.104.74.95 30811 xxx.xxx.xxx.xxx 1026: 394
2007-09-18-06:40:30.1793 tcp(6) - 81.56.254.187 58448 xxx.xxx.xxx.xxx 9887: 60 S [Linux 2.6 ]
2007-09-18-06:46:16.9606 udp(17) - 222.161.2.9 54614 xxx.xxx.xxx.xxx 1027: 921
........ snippets ........
I know these could be done with bash scripts or Perl scripts, but I'm no programmer.. sorry... Thanks in advance.
Code:
>$ grep - test.txt | cut -d " " -f4
Again TIA.
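An added example, not part of the original thread: a shell sketch that goes one step past the `cut` one-liner by validating each source address, counting probes per address, and printing (not running) a block rule for repeat offenders. The function names, the allowlist file, the threshold and the choice of the iptables INPUT chain are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Field layout assumed from the post:
#   timestamp proto(num) flag src_ip src_port dst_ip dst_port: size ...

# Sample input: the lines quoted in the question plus one constructed
# malformed entry (300.1.2.3) to show that bad addresses are rejected.
sample_log() {
cat <<'EOF'
2007-09-18-06:10:23.4563 tcp(6) - 81.56.254.187 49857 xxx.xxx.xxx.xxx 9887: 60 S [Linux 2.6 ]
2007-09-18-06:20:39.7773 tcp(6) - 64.53.140.163 47515 xx.xxx.xxx.xxx 9887: 60 S [Linux 2.6 ]
2007-09-18-06:21:52.4131 udp(17) - 153.104.74.95 30811 xxx.xxx.xxx.xxx 1026: 394
2007-09-18-06:40:30.1793 tcp(6) - 81.56.254.187 58448 xxx.xxx.xxx.xxx 9887: 60 S [Linux 2.6 ]
2007-09-18-06:46:16.9606 udp(17) - 222.161.2.9 54614 xxx.xxx.xxx.xxx 1027: 921
2007-09-18-06:50:00.0000 tcp(6) - 300.1.2.3 1 xxx.xxx.xxx.xxx 22: 60 S
EOF
}

# honeyd_probers MIN_HITS [FILE...]: print "hits ip" for each source seen at
# least MIN_HITS times, busiest first. Reads stdin when no FILE is given.
honeyd_probers() {
    min=$1; shift
    awk -v min="$min" '
        # Accept only dotted quads with every octet in 0..255, so nothing
        # else from the log can ever reach a firewall command line.
        function is_ipv4(s,   p, n, i) {
            n = split(s, p, ".")
            if (n != 4) return 0
            for (i = 1; i <= 4; i++)
                if (p[i] !~ /^[0-9]+$/ || p[i] + 0 > 255) return 0
            return 1
        }
        $2 ~ /^(tcp|udp|icmp)\([0-9]+\)$/ && is_ipv4($4) { hits[$4]++ }
        END { for (ip in hits) if (hits[ip] >= min) print hits[ip], ip }
    ' "$@" | LC_ALL=C sort -k1,1nr -k2,2
}

# honeyd_block_rules MIN_HITS ALLOWLIST [FILE...]: print one iptables command
# per offender for review. Addresses listed one per line in ALLOWLIST (your
# own hosts, gateways, scanners) are never emitted.
honeyd_block_rules() {
    min=$1; allow=$2; shift 2
    honeyd_probers "$min" "$@" | while read -r hits ip; do
        grep -qxF -- "$ip" "$allow" 2>/dev/null && continue
        printf 'iptables -A INPUT -s %s -j DROP  # %s probes\n' "$ip" "$hits"
    done
}

# Demo on the embedded sample: sources seen at least twice, empty allowlist.
sample_log | honeyd_block_rules 2 /dev/null
```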