0 Replies Latest reply on Nov 23, 2015 2:40 PM by hattoja

    LEM & Linux

    hattoja

      I'm internally testing a simple SSH honeypot on a laptop with Kali Linux installed.  The honeypot I'm using is Kippo, and it currently logs to one file for testing, located at /home/kippo/kippo/log/kippo.log  (only logging logon attempts)

       

      I've installed an agent on the laptop and have tried pointing every available Linux connector to that file with no luck - I'm not getting any activity in LEM at all.

       

      Anyone have any suggestions??  I can cat the log file locally and confirm that it is logging what I want it to.  I'm not the most Linux or LEM savvy person, so any input is appreciated!