Honeypot data for multiple protocols (Telnet, SSH, several HTTP-based protocols and services) from UL CyberLab honeynet.
- session_id (string): Unique ID of the session
- dst_ip_identifier (string): Pseudonymized dst public IPv4 of the honeypot node
- dst_host_identifier (string): Obfuscated (pseudonymized) name of the honeypot node
- src_ip_identifier (string): Obfuscated (pseudonymized) IP address of the attacker
- eventid (string): Event id of the session in the cowrie honeypot
- timestamp (string): UTC time of the event
- message (string): Message of the Cowrie honeypot
- protocol (string): Protocol used in the cowrie honeypot; either ssh or telnet
- geolocation_data/postal_code (string): Source IP postal code as (determined by logstash)
- geolocation_data/continent_code (string): Source IP continent code (as determined by logstash)
- geolocation_data/country_code3 (string): Source IP country code3 (as determined by logstash)
- geolocation_data/region_name (string): Source IP region name (as determined by logstash)
- geolocation_data/latitude (float): Source IP latitude (as determined by logstash)
- geolocation_data/longitude (float): Source IP longitude (as determined by logstash)
- geolocation_data/country_name (string): Source IP full country name (as determined by logstash)
- geolocation_data/timezone (string): Source IP timezone
- geolocation_data/country_code2 (string): Source IP country code2
- geolocation_data/region_code (string): Source IP region code
- geolocation_data/city_name (string): Source IP city name
- src_port (int): Source TCP port
- sensor (string): Sensor name; serves to identify our experiment config
- arch (string): Represents the CPU/OS architecture emulated by honeypot
- duration (string): Session duration in seconds
- ssh_client_version (string): Attacker's SSH client version
- username (string): Login username; only used for login events
- password (string): Password; only used for login events
- macCS (string): HMAC algorithms supported by the client
- encCS (string): Encryption algorithms supported by the client
- kexAlgs (string): Key exchange algorithms supported by the client
- keyAlgs (string): Public key algorithms supported by the client