Hello all,
I initiated a ssh connection on my honeypot and by doing "sbk_extract -n br0
-p 1101 | sbk_ks_log.pl" on the honeywall, i was able to see all the commands
i typed on the honeypot command line on the Honeywall.
But my problem is that i dont see sebek data for this ssh connection on the
Walleye interface. I know that sebek is working, but i dont see any sebek data
for this connection. (No process tree, visual graph info). Also i dont see any
alerts for the ssh connection i initiated.
What could be the possible reasons for this? Any config settings specific to
seeing this info on Walleye need to be done?
Thanks in advance,
Nandhini
---------------------------------
Looking for last minute shopping deals? Find them fast with Yahoo! Search._______________________________________________
Honeywall mailing list
[email protected]
https://public.honeynet.org/mailman/listinfo/honeywall
