all InfoSec news
Exploration of DShield Cowrie Data with jq, (Wed, Apr 5th)
Malware Analysis, News and Indicators - Latest topics malware.news
There have been other diaries [1][2] showing how to explore JSON data with jq [3]. We’ll review some options to understand unfamiliar JSON data and ways to filter that information. Using tools like Security Information and Event Management (SIEM) systems can help aggregate data and make it more easily searched and visualized. There are still times where being able to quickly search JSON data can be useful, especially if a SIEM option is not immediately available.
Article Link: https://isc.sans.edu/diary/rss/29714
1 …
cowrie data diaries event event management filter information json management options review search security siem systems tools understand