A ModSecurity Log Visualizer
- Charles Leavitt - [email protected]
- Josh Akers - [email protected]
- Kortni Sheldon - [email protected]
- This visualization project reads ModSecurity version 2.9.1+ logs in JSON format. This means you need to either have ModSecurity ver 2.9.1+ running with JSON logs using the OWASP rule set or have a copy of a JSON ModSecurity Log
- For your convenience a sample log is included
- Other dependencies:
- python 2.7+
- a running web server eg. Apache2
As root: Clone or copy this repository to your web server's document root.
To view the ModSecurity log visualization there are two options:
- Run with limited permissions on a local copy of the logfile:
- Copy the ModSecurity log file (eg. modsec_audit.log) to the EyesOfArgus directory
- Run "python eyesofargus.py"
- Run as root with the log file path/name as an argument:
Eg. "sudo python eyesofargus.py /var/log/modsec_audit.log"
If you have any permissions errors run the program with "sudo" permissions or recursively change the permissions on the EyesOfArgus directory with: "sudo chmod -R 777 EyesOfArgus"
A demo of the sample log is here: http://eoa.charlesleavitt.net/