Skip to content
This repository was archived by the owner on Nov 28, 2018. It is now read-only.

theMiddleBlue/modsecurity-to-elasticsearch

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
modsec_parser.py
modsec_parser.py
 
 

Repository files navigation

ModSecurity JSON to Elasticsearch

please, read the following post before using it: https://medium.com/@themiddleblue/modsecurity-elasticsearch-kibana-40e4f8191e35

Usage:

python modsec_parser.py -d <auditlog directory>

Example:

$ python modsec_parser.py -d /usr/local/nginx/logs/modsecurity/www.example.com
Parsed /usr/local/nginx/logs/modsecurity/www.example.com/20171114/20171114-1714/20171114-171410-151067605036.512983
Sleeping for a while...

or run it in background

$ python modsec_parser.py -d /usr/local/nginx/logs/modsecurity/www.example.com > /dev/null 2>&1 &

Contributors

probably your python skills are better then mine, so all contributions are appreciated :)

About

Very simple and primitive Python script that sends ModSecurity JSON Audit Logs to Elasticsearch

Resources

Readme

License

MIT license
Activity

Stars

17 stars

Watchers

1 watching

Forks

17 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages