๐Ÿ“ฆ wagoodman / AuthLogAttackMap

Tails the /var/log/auth.log, geolocates IPs found, and displays them on a web frontend.

โ˜… 27 stars โ‘‚ 7 forks ๐Ÿ‘ 27 watching
geolocates-ipsmapweb-frontend
AuthLogAttackMap
๐Ÿ“ฅ Clone https://github.com/wagoodman/AuthLogAttackMap.git
HTTPS git clone https://github.com/wagoodman/AuthLogAttackMap.git
SSH git clone git@github.com:wagoodman/AuthLogAttackMap.git
CLI gh repo clone wagoodman/AuthLogAttackMap
ZIP Desktop VS Code
Alex Goodman Alex Goodman rearranged 334080a 10 years ago ๐Ÿ“ History
๐Ÿ“‚ master View all commits โ†’
๐Ÿ“ authLogWatcher
๐Ÿ“ css
๐Ÿ“ js
๐Ÿ“ screenshots
๐Ÿ“ svg
๐Ÿ“ templates
๐Ÿ“„ README.md
๐Ÿ“„ rpcClient.py
๐Ÿ“„ sseClient.py
๐Ÿ“„ README.md

AuthLogAttackMap

Tails the /var/log/auth.log, geolocates IPs found, and displays them on a web frontend.

Usage

You'll need two terminals: one for watching the auth.log and another for serving up events to a web frontend.

First terminal: 

python authLogTailer/
Second terminal: 
python sseClient.py
From your browser: http://localhost

Optionally you can use the CLI client: 

python  rpcClient.py [<command>] [<args>]

    Valid commands:
       summary    Show a summary of hosts in the auth log (Default)
       country    Show the breakdown of entries by country
       subscribe  Show json events as they occur in realtime

    optional arguments:
      -h, --help  show this help message and exit

Screenshot

ScreenShot