Handler on Duty: Didier Stevens
Threat Level: green
Web Application Logs
We are collecting web application logs via our honeypots, as well as from web server error logs ("404 Errors"). To participate in this effort, you can install our honeypot (which will also submit firewall and ssh data) or you can install one of our 404 error log parser scripts.
In order to submit logs, you will have to be a registered user. We currently do not accept anonymous logs. However, you may obfuscate your logs as you submit them.
For newly "discovered" url, check out our "First Seen URLs" page.
This table summarized the report volume received over the last 10 days.
- Date: We use GMT as timezone for all of our date and time values.
- Reports: Individual reports. Each request to a honeypot is counted as a report. Some honeypots will supress related reports. For example, if a page includes images, only the request to the actual page is counted and the subsequent requests to images may be ignored.
- Submitters: Identified users submitting reports.
- Targets: Target hosts submitting data. This number may be larger then the number of submitters as some submitters operate mulitple honeypots.
- Sources: Distinct source IPs detected on a particular day.