-
Notifications
You must be signed in to change notification settings - Fork 631
Exporting Honeypot Data from MHN
Sean Maloney edited this page Oct 1, 2019
·
2 revisions
This is a work in progress.
MHN stores its honeypot event and aggregated event data in mongodb. This is a simple howto that shows you how to get this data out of mongodb.
See https://github.com/Pwnlandia/mhn/wiki/MHN-REST-APIs
mongoexport is a command line tool that allows you to dump data from mongodb as JSON or CSV.
Example uses of mongoexport:
# Dump all the records from the session collection
mongoexport --db mnemosyne --collection session > session.json
# Dump the source_ip and destination_ip fields from the session collection as JSON
mongoexport --db mnemosyne --collection session --fields=source_ip,destination_ip
# Dump the source_ip and destination_ip fields from the session collection as CSV
mongoexport --db mnemosyne --collection session --fields=source_ip,destination_ip --csv
See https://github.com/Pwnlandia/mhn/wiki/MHN's-MongoDB-Collections for the types of data data can be dumped from mongo.