author Emile <hanemile@protonmail.com> 2019-02-14 15:45:09 +0100
committer Emile <hanemile@protonmail.com> 2019-02-14 15:45:09 +0100
commit 2e4252500dd11b3bc42de306d2a09f891f4860e7
tree 541bf4d0d90eab3dfc2f49a298b2f05792a838be /README.md
parent df71125364497c9c2cce5fc277c73636746cdc11
added a basic analyzer and a readme HEAD master
Diffstat (limited to 'README.md')
-rw-r--r-- README.md 42
1 files changed, 41 insertions, 1 deletions
diff --git a/README.md b/README.md
index b711e7b..3799a68 100644
--- a/README.md
+++ b/README.md
@@ -1,3 +1,43 @@
 # honeypot-log-analyzer
 
-Analyzer the docker honeypot logs
\ No newline at end of file
+Analyzer the docker honeypot logs
+
+## usage:
+
+1. Setup a honeypoy
+2. grab some logs (`docker-compose logs > <filename>.txt`)
+3. run the analyzer (`python3 analyzer.py <filename>.txt`)
+
+```
+> $ python3 analyze.py                                                                                                                 
+Amount of hits processed: [...] 
+-----------------
+Most tried usernames:
+
+[...]
+
+-----------------
+Most tried passwords:
+
+[...]
+
+-----------------
+Most frequent ips:
+
+[...]
+
+-----------------
+Most frequent ports:
+    
+[...]
+
+```
+
+Four images get saved:
+
+| filename | content |
+| -------- | ------- |
+| username.png | histogram of the most used usernames |
+| passwords.png | histogram of the most used passwords |
+| ip.png | histogram of to most used ips |
+| port.png | histogram of the most used ports |
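Review bot: step 3 of the usage list names the script `analyzer.py`, but the sample session directly below it runs `python3 analyze.py`, and does so without the `<filename>.txt` argument that step 3 requires. Make both match the real script name and show the log file argument in the example invocation. Smaller points in the same hunk: step 1 has the typo "honeypoy"; the description line reads "Analyzer the docker honeypot logs" where "Analyze" seems intended; the `ip.png` row says "histogram of to most used ips"; and the image names mix singular `username.png` with plural `passwords.png`, so check them against what the script actually writes. Because the report and images contain attempted passwords and source IPs, it would also help to state where the four images are saved.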