13.04.2008.

Modsecurity audit_log analysis
Location: WebDev :: Hosting   |   Author: cacan @ 17:10

A few useful Mod Security greps for pulling data out of the audit_log…

# Requests per virtual host, most frequent first
egrep 'Host:' audit_log | sort | uniq -c | sort -rn

# Rule messages by frequency, with the common "Access denied" prefix stripped
egrep 'mod_security-message' audit_log | sort | uniq -c | sort -rn | sed 's/mod_security-message: Access denied with code 412\. //g' > mod_security-message-sort.txt

# Distinct HTTP response status lines
egrep '^HTTP/' audit_log | sed 's/HTTP\/[01]\.[019] //g' | sort | uniq > HTTPcodes-audit.txt

and for the access log…

# Most requested paths (field 7 of the access log line)
awk '{print $7}' httpd-access.log | sort | uniq -c | sort -rn | less

P.S. Now if only I didn't have to read 17 zillion manuals to find the instructions for turning off the logging of 404s to the audit log. Ugh…
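The greps above count Host: lines and mod_security-message lines independently, so they cannot say which virtual host triggered which rule. The following is an added example, not part of the original post, that pairs the two per entry; it assumes the request line and the Host: header precede the mod_security-message line inside an entry, and the function names and sample log are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original post.
# Assumption: inside one audit_log entry the request line and the Host:
# header appear before the mod_security-message line.

# Print "count<TAB>host<TAB>message", most frequent first.
denials_by_host() {
    awk '
        BEGIN { host = "-" }
        # A new request line starts a new entry: forget the previous Host.
        /^[A-Z]+ [^ ]+ HTTP\/[0-9.]+$/ { host = "-"; next }
        /^Host:/ { host = $2; next }
        /^mod_security-message: / {
            msg = $0
            sub(/^mod_security-message: /, "", msg)
            # Same clean-up as the sed on this page, but for any status code.
            sub(/^Access denied with code [0-9]+\. /, "", msg)
            count[host "\t" msg]++
        }
        END { for (k in count) printf "%d\t%s\n", count[k], k }
    ' "$1" | LC_ALL=C sort -t "$(printf '\t')" -k1,1rn -k2
}

# Constructed sample, trimmed to the lines the commands on this page match.
write_sample() {
    cat > "$1" <<'EOF'
GET /index.php?q=select HTTP/1.1
Host: shop.example.com
mod_security-message: Access denied with code 412. Pattern match "select" at REQUEST_URI
HTTP/1.1 412 Precondition Failed
GET /index.php?q=select HTTP/1.1
Host: shop.example.com
mod_security-message: Access denied with code 412. Pattern match "select" at REQUEST_URI
HTTP/1.1 412 Precondition Failed
GET /?f=passwd HTTP/1.1
Host: blog.example.com
mod_security-message: Access denied with code 412. Pattern match "passwd" at REQUEST_URI
HTTP/1.1 412 Precondition Failed
GET /?q=select HTTP/1.0
mod_security-message: Access denied with code 412. Pattern match "select" at REQUEST_URI
HTTP/1.0 412 Precondition Failed
EOF
}

sample=$(mktemp)
write_sample "$sample"
denials_by_host "$sample"
rm -f "$sample"
```

The last sample entry is an HTTP/1.0 request without a Host: header; it is reported under "-" instead of being credited to the previous entry's host.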




