

Examining ssh login requests - dangoldin
http://dangoldin.com/2014/05/16/examining-ssh-login-requests/

======
joshdev
OSSEC combined with Logstash, Elasticsearch, and Kibana can give you a lot of
this data on the fly. Here is my list of bad ssh logins from the past 24
hours.

    
    
      Taiwan              145963   
      China               15881  
      Korea, Republic of  14079  
      United States       9600   
      Kuwait              1769   
      Thailand            1563   
      Portugal            1518   
      United Kingdom      788  
      India               558  
      Saudi Arabia        284  
      Russian Federation  190  
      Japan               146  
      Turkey              94   
      Bulgaria            83   
      Brazil              35   
      Netherlands         33   
      Rwanda              28   
      Hong Kong           22   
      Germany             19   
      Romania             15   
    

Some details on the end to end setup
[https://groups.google.com/forum/#!searchin/ossec-
list/kibana...](https://groups.google.com/forum/#!searchin/ossec-
list/kibana/ossec-list/mW-Mi4ZU-DE/Y06ewK8S_zcJ)

