Exploration of DShield Cowrie Data with jq (Wed, Apr 5th)

There have been other diaries [1][2] showing how to explore JSON data with jq [3]. We'll review some options for understanding unfamiliar JSON data and ways to filter that information. Tools like Security Information and Event Management (SIEM) systems can help aggregate data and make it easier to search and visualize. There are still times when being able to quickly search JSON data is useful, especially if a SIEM option is not immediately available.
