Security log is a high-performance access log analyzer for OWASP Top 10 attacks (well, only the part that can be detected from access logs 😉). This project was created as part of my bachelor thesis.
Download precompiled binary for Ubuntu
- analyse web access logs
- nginx / apache format
- reading from file or elasticsearch
- reporting using email ✉️
- running as a daemon 👻
Configurable using config stored in /etc/security-log/config.yaml
Input types: 🕸
- 🕵️ elasticsearch
- 📂 file path
Output types / Incident reporting #️⃣
- ➥ std
Server type
- nginx
- apache
Apache, elasticsearch with output to std
```yaml
tag: Config
serverType: Apache
input:
  tag: Elastic
  size: 10
  ip: http://localhost:9200
output:
  tag: Std
asDaemon: false
```
Nginx, file, with output to email, running as daemon
```yaml
tag: Config
serverType: Nginx
input:
  tag: File
  content: /logs/apache/acces_log
output:
  tag: Email
  content: [email protected]
asDaemon: true
```
Install Haskell Stack with
```bash
curl -sSL https://get.haskellstack.org/ | sh
```
Compile using
```bash
stack build
```