Skip to content

fboender/mod_sec_report

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits

.gitignore

.gitignore

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

example.png

example.png

 
 

mod_sec_report

mod_sec_report

 
 

mod_sec_report.tpl

mod_sec_report.tpl

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

ModSecurity Report generator

ModSecurity, sometimes called Modsec, is an open-source web application firewall (WAF) for Apache, Microsoft IIS and Nginx. mod_sec_report converts mod_security violation logging in JSON format to an HTML page for human-friendly viewing.

Screenshot of an example report:

Example screenshot of HTML report

Installation

mod_sec_report requires Python v3.

Install the dependencies:

$ pip install -r requirements.txt

Usage

mod_sec_report only works with logging in JSON format! You can enable JSON logging with the SecAuditLogFormat setting in mod_security:

    SecAuditLogFormat JSON
    SecAuditLog /var/log/apache2/modsec-audit.log

Usage:

usage: mod_sec_report [-h] LOGFILES [LOGFILES ...]

ModSecurity Report generator

positional arguments:
  LOGFILES    ModSec log files in JSON fmt

optional arguments:
  -h, --help  show this help message and exit

mod_sec_report understands both plain text log files as well as logrotated .gz log files. It automatically orders log entries by date and time, so the order in which you specify the log files doesn't matter.

Example:

./mod_sec_report /var/log/apache2/*modsec* > modsec-audit.html

About

Generate a HTML report from mod_security JSON logging

Resources

Readme

License

GPL-3.0 license
Activity

Stars

2 stars

Watchers

3 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages