- Support CentOS ssh-daemon log file '/var/log/secure'
- It is now possible to retrieve 'org' from the WHOIS API.
- Implemented Attack Analysis (aa), which can output the analysis results of IP address, user name, port number, and password attempts obtained from ssh logs.
- Implemented Alert IP, which extracts login attempts that fall within the range of IP addresses registered in 'alert_ip', and allows for separate output and console display. It can also be set to ignore by registering it to 'alert_ip_ignore'.
When used with the Attack Analysis option, the behavior of the IP in question can also be analyzed.