I'm internally testing a simple SSH honeypot on a laptop with Kali Linux installed. The honeypot I'm using is Kippo, and it currently logs to one file for testing, located at /home/kippo/kippo/log/kippo.log (only logging logon attempts)
I've installed an agent on the laptop and have tried pointing every available Linux connector to that file with no luck - I'm not getting any activity in LEM at all.
Anyone have any suggestions?? I can cat the log file locally and confirm that it is logging what I want it to. I'm not the most Linux or LEM savvy person, so any input is appreciated!