Monday, April 29, 2013

[WAF-FLE] Web application firewall: fast log and event console

WAF-FLE is a OpenSource Console for ModSecurity, it allow the modsec admin to view and search events sent by mlogc (modsecurity event log handler).

Features:
  • Central event console
  • Support Modsecurity in “traditional” and “Anomaly Scoring”
  • Able to receive events sent from mlogc (in real time or in batch using mlogc-batch-load.pl)
  • No sensor number limit
  • Dashboard with recent events information
  • Drill down of events with filter
  • Every (almost) data is “clickable” to drill down the filter
  • Inverted filter (to filter for “all but this item”)
  • Filter for network (in CIDR format, x.x.x.x/22)
  • Raw event download
  • Use Mysql as database
  • Open Source released under GPL v2

No comments:

Post a Comment