I’ve been running a kippo honeypot for a while now, but what has irritated me the most is seeing the action (skiddy fails) via the use of playlog.py (damn nice functionality) in some easy way.
I am a lazy person when it comes to menial tasks and tend to look at honeypot logs once in a blue moon (read: 3 weeks). Going through a lot of these logs, archiving them etc. is a pain, so I thought I would quickly write a shitty bash script which does the following:
1. Read all log files in the present working directory.
2. Give the user a choice to move it to an archive folder or keep it as it is.
I thought it would be of great help for the rest of the lazy kippo users like me :)
Before you run the script, make sure to have a folder called old_arch in the pwd; I just hardcoded the value for fun. Also make sure to dump the script in the folder with your log files. The rest of the script has been commented for ease of use (I hope).
Click here to download the script.
All comments for improvements are welcome!
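A sketch of the review-and-archive loop described above, added here as an example and not the downloadable script itself. It assumes playlog.py is reachable at the path in `PLAYLOG`, that session logs end in `.log`, and that the `review_logs` function name and the `--run` switch are hypothetical.

```shell
#!/usr/bin/env bash
# Added sketch, not the author's script. Assumptions: PLAYLOG points at kippo's
# playlog.py, session logs end in .log, and old_arch exists in the pwd.
PLAYLOG="${PLAYLOG:-./playlog.py}"   # assumed path to the replay tool
ARCHIVE="${ARCHIVE:-old_arch}"       # archive folder name from the post

# Replay every *.log in the current directory, then ask on stdin whether to
# archive it. Prints "archived=N kept=M"; returns 1 if the folder is missing.
review_logs() (
    archived=0 kept=0
    [ -d "$ARCHIVE" ] || { echo "missing folder: $ARCHIVE" >&2; return 1; }
    for f in ./*.log; do
        [ -f "$f" ] || continue              # glob matched nothing
        echo "== $f" >&2
        if [ -x "$PLAYLOG" ]; then
            # stdin is detached so the replay cannot swallow the y/n answers
            "$PLAYLOG" "$f" </dev/null >&2 || echo "replay failed: $f" >&2
        fi
        printf 'Archive %s? [y/N] ' "$f" >&2
        read -r answer || answer=n           # EOF counts as "keep"
        case "$answer" in
            [yY]*)
                dest="$ARCHIVE/${f#./}"
                # never overwrite a session that was archived earlier
                if [ ! -e "$dest" ] && mv -- "$f" "$dest"; then
                    archived=$((archived + 1)); continue
                fi
                echo "could not archive, keeping: $f" >&2 ;;
        esac
        kept=$((kept + 1))
    done
    echo "archived=$archived kept=$kept"
)

# Run only when asked to, e.g.:  ./review.sh --run
if [ "${1:-}" = "--run" ]; then review_logs; fi
```

The prompts and replay output go to stderr, so stdout carries only the final summary line and can be captured by a cron wrapper or another script.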