 |
You are here: Docs>Sheriff Web>UserGuides>SheriffCSMDocumentation>DeploymentGuide>PluginManagement>ConfigureLogForwardingOnCommonlyUsedDataSources>AtomicSoftwareHoneyBOT (27 Jun 2022, SheriffCyberSecurity)Edit Attach
Up
Previous Next Sheriff CSMâ„¢
Previous Next Sheriff CSMâ„¢
Atomic Software HoneyBOT
When you configure Atomic Software HoneyBOT to send log data to Sheriff CSM, you can use the HoneyBOT plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin: Plugin Information| Device | Details |
|---|---|
| Vendor | Atomic Software Solutions |
| Device Type | Honeypot |
| Connection Type | Syslog |
| Data Source Name | Honeybot |
| Data Source ID | 1915 |
Integrating Atomic Software HoneyBOT
Before you configure the Atomic Software HoneyBOT integration, you must have the IP Address of the Sheriff CSM Sensor (Deputy). To configure Atomic Software HoneyBOT to send Syslog messages to Sheriff CSM-
Open the main application window of the HoneyBOT application.
-
Select Options from the View menu to configure HoneyBOT.
- Select the Syslog option to send connection events to a Syslog server. Enter the Sheriff CSM IP Address as the Syslog server IP address and specify 514 as the port on which Syslog messages will be sent.
Plugin Enablement
For plugin enablement information, see Enable Plugins.Additional Resources and Troubleshooting
http://www.atomicsoftwaresolutions.com/ http://www.atomicsoftwaresolutions.com/help.php http://archives.mysteryfcm.co.uk/security/honey_pots/honeybot/honeybotuserguide.pdf For troubleshooting, see the vendor documentation.Edit | Attach | Print version | History: r9 < r8 < r7 < r6 | Backlinks | View wiki text | Edit wiki text | More topic actions
Topic revision: r9 - 27 Jun 2022, SheriffCyberSecurity
Copyright 2020 Sheriff Cyber Security, LLC. All rights reserved.