Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Download the daily logs? - SANS Internet Storm Center SANS ISC InfoSec Forums


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Download the daily logs?
Anybody know where can I download DShield daily logs? any links?

I already checked the https://isc.sans.edu/api/, which offers some API, but it limit the amount of data to download and the download rate is pretty slow.

I am working on some research work referencing dshield log data.


Thanks,
Larry
larry.guanneustar.biz

2 Posts
We do have our daily source summary:
isc.sans.edu/feeds/…

you can also get past days by appending the date and .gz (past reports are compressed0

e.g. daily_sources20150619.gz
Johannes

3629 Posts
ISC Handler
Hi Johannes,

Thanks so much for your reply.

I have been reading some paper that used DShield dataset in their research works. The dataset they used formated as following:

- date_time
- contributor identification number (cid)
- count
- src IP
- src port
- target IP
- target port
- protocol
- TCP flags

But the dataset you send me the link with seems different from above fields:

- source IP
- targetport
- protocol
- reports
- targets
- firstseen
- lastseen


Have DShield removed target IP address and port already from daily logs?


Thanks,
Larry
larry.guanneustar.biz

2 Posts

Sign Up for Free or Log In to start participating in the conversation!