This paper aims to explain how honeypots work, how they are implemented, and why they have become a key aspect of cybersecurity. Honeypots are capable of doing everything from detecting attacks never seen before in their environment to tracking programmed credit card fraud and identity theft. The paper implements the Cowrie honeypot system in a controlled environment to simulate attacks on SSH and Telnet services. Special focus is placed on the analysis of the generated JSON log records, whose complex structure makes forensic processing difficult. As a contribution of the paper, a Python helper module has been developed to convert raw log files into a readable and structured text format, thus improving the efficiency of security event analysis.
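The kind of conversion described above, as an added sketch that is not the paper's own module: it groups Cowrie JSON log events by session and renders each as one readable line. The function names and the sample log lines are constructed for illustration; the event and field names follow Cowrie's JSON log output.

```python
import json

# Constructed sample in Cowrie's JSON-lines format; the last line is deliberately truncated.
SAMPLE_LOG = """\
{"eventid":"cowrie.session.connect","src_ip":"203.0.113.7","src_port":51544,"dst_port":2222,"protocol":"ssh","session":"a1b2c3d4e5f6","timestamp":"2024-05-01T10:00:00.000000Z"}
{"eventid":"cowrie.login.failed","username":"root","password":"123456","src_ip":"203.0.113.7","session":"a1b2c3d4e5f6","timestamp":"2024-05-01T10:00:02.000000Z"}
{"eventid":"cowrie.login.success","username":"root","password":"admin","src_ip":"203.0.113.7","session":"a1b2c3d4e5f6","timestamp":"2024-05-01T10:00:05.000000Z"}
{"eventid":"cowrie.command.input","input":"uname -a","src_ip":"203.0.113.7","session":"a1b2c3d4e5f6","timestamp":"2024-05-01T10:00:09.000000Z"}
{"eventid":"cowrie.session.closed","duration":12.5,"src_ip":"203.0.113.7","session":"a1b2c3d4e5f6","timestamp":"2024-05-01T10:00:12.000000Z"}
{"eventid":"cowrie.command.input","input":"truncated
"""

def describe(event):
    """Return a one-line summary for the event types handled here."""
    # Attacker-controlled strings are JSON-escaped so control characters
    # (for example terminal escape sequences) cannot act on the analyst's terminal.
    q = lambda key: json.dumps(str(event.get(key, "")))
    kind = event.get("eventid", "")
    if kind == "cowrie.session.connect":
        return f"connect {event.get('protocol', '?')} to port {event.get('dst_port', '?')}"
    if kind in ("cowrie.login.failed", "cowrie.login.success"):
        return f"login {kind.rsplit('.', 1)[1]} user={q('username')} password={q('password')}"
    if kind == "cowrie.command.input":
        return f"command {q('input')}"
    if kind == "cowrie.session.closed":
        return f"closed after {event.get('duration', '?')}s"
    return f"other event {kind or '(no eventid)'}"

def to_report(log_text):
    """Group events by session; return (report_text, skipped_line_numbers)."""
    sessions, skipped = {}, []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        try:
            event = json.loads(line)
            sid = str(event.get("session", "-"))
        except (json.JSONDecodeError, AttributeError):  # bad JSON or not an object
            skipped.append(lineno)
            continue
        sessions.setdefault(sid, []).append(event)
    out = []
    for sid, events in sessions.items():
        out.append(f"Session {sid} from {events[0].get('src_ip', '?')}")
        out.extend(f"  {e.get('timestamp', '?')}  {describe(e)}" for e in events)
    return "\n".join(out), skipped

if __name__ == "__main__":
    report, skipped = to_report(SAMPLE_LOG)
    print(report, f"skipped malformed lines: {skipped}", sep="\n")
```

Malformed lines are reported by line number rather than silently dropped, so gaps in the record stay visible during forensic review.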
jita@apeiron-edu.eu
+387 51 247 925
+387 51 247 975
+387 51 247 912
Pan European University APEIRON Banja Luka Journal JITA Pere Krece 13, P.O.Box 51 78102 Banja Luka, Republic of Srpska Bosnia and Hercegovina
© 2024 Paneuropean University Apeiron All Rights Reserved