Difference between Cowrie Honeypot Output and usual Server Logs
for a project, we had to set up our own honeypot in order to analyze login patterns of the attackers / brute forcing attempts for SSH connections. Cowrie is a SSH honeypot that was specially designed for that purpose. However, what I was wondering: all the information that I get from the Cowrie logs e.g attempted password & username, IP address of the person who connects to the server etc. is also stored in the usual server logs. So why would I need a honeypot for this?
Please clarify me
[link] [comments] ...