smb protocol stats for 2010 so far
gnuplotsql.py is a script I wrote to visualize the sqlite database in a useful way.
You can browse my statistics here while you use the script to create stats for your own database:
the git-daemon activity for the dionaea.git repository, pull and uniq hosts/day, basically 5-10 users update their software daily.
Often the most complex part in data visualization is the processing before you can provide the data in a format your visualization software understands.
I choose the git-daemon logs as an example of such an case.
One could have used sshd logs as an example too, but I choose this, as I'm pretty sure there is no parser for the git-daemon logfiles.
In doubt, I'm pretty confident, one could adjust this git-daemon parser to deal with sshd too.
We will create images showing the correlation of attacker-host, vulnerability, malware.
Basically, image will look like this:
I had to cheat to get the image to a valid size …
Presenting data in a human compatible way is a problem, rumors say at this stage of evolution pictures work best.
Therefore some hints how to create graphs using the dionaea logsql sqlite database.
