Skip to content

charlesleavitt/EyesOfArgus

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

29 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
eyesofargus.py
eyesofargus.py
 
 
flare.json
flare.json
 
 
index.html
index.html
 
 
modsec_audit.log
modsec_audit.log
 
 

Repository files navigation

EyesOfArgus

A ModSecurity Log Visualizer

Prerequisites:

  • This visualization project reads ModSecurity version 2.9.1+ logs in JSON format. This means you need to either have ModSecurity ver 2.9.1+ running with JSON logs using the OWASP rule set or have a copy of a JSON ModSecurity Log
  • For your convenience a sample log is included
  • Other dependencies:
    • python 2.7+
    • a running web server eg. Apache2

Installation:

As root: Clone or copy this repository to your web server's document root.

Usage:

To view the ModSecurity log visualization there are two options:

  1. Run with limited permissions on a local copy of the logfile:
    1. Copy the ModSecurity log file (eg. modsec_audit.log) to the EyesOfArgus directory
    2. Run "python eyesofargus.py"
  2. Run as root with the log file path/name as an argument:
    Eg. "sudo python eyesofargus.py /var/log/modsec_audit.log"

Note:

If you have any permissions errors run the program with "sudo" permissions or recursively change the permissions on the EyesOfArgus directory with: "sudo chmod -R 777 EyesOfArgus"

A demo of the sample log is here: http://eoa.charlesleavitt.net/

About

A ModSecurity Log Visualizer

Resources

Readme

License

MIT license
Activity

Stars

3 stars

Watchers

1 watching

Forks

3 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages