Reuben, 

In WAF-FLE, mentioned by Marcus, you can receive events from many ModSecurity sensors and look for relevant events using a drill-down filter; you can use many fields of the logs to make these filters. While it doesn't produce reports (in the strict sense of the word), it shows you the events in a clear interface and enables you to quickly pay attention to relevant events, with charts and event details.

Best regards, 

Klaubert Herr
http://waf-fle.org


On Tue, Jun 3, 2014 at 1:59 PM, Jason Sajdak <jsajdak@acumium.com> wrote:
My solution was using nxlog (which I configured to parse the concurrent logs (not the audit log) and then form them into JSON). Nxlog then sends them on to a Loggly account I've set up. Loggly takes care of the indexing and "searchability" of the entries based on the JSON data. I've implemented this solution with Apache and IIS and found it to be very useful in tracking problems in real time.



On Tue, Jun 3, 2014 at 11:19 AM, Robert Paprocki <rpaprocki@fearnothingproductions.net> wrote:
Reuben,

If you're looking for a GUI you may want to look at AuditConsole:

http://www.jwall.org/web/audit/console/index.jsp

mod_security audit logs can be difficult to parse, so I've written a patch that natively writes the logs as JSON:

https://www.cryptobells.com/logging-mod_security-in-json/

This approach probably is far out of scope for your needs, but perhaps someone can make some use of it (and help me flesh it out further when time becomes available).


On 6/3/2014 08:31, Reuben Popp wrote:
Can anybody tell me if there's a script or tool available (or maybe something someone has written and is willing to share) that will generate a report for event processing from the audit log?  I can probably write something but wanted to see if anything existed already.

Thanks in advance, as always
Reuben


------------------------------------------------------------------------------
Learn Graph Databases - Download FREE O'Reilly Book
"Graph Databases" is the definitive new guide to graph databases and their 
applications. Written by three acclaimed leaders in the field, 
this first edition is now available. Download your free book today!
http://p.sf.net/sfu/NeoTech


_______________________________________________
mod-security-users mailing list
mod-security-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/mod-security-users
Commercial ModSecurity Rules and Support from Trustwave's SpiderLabs:
http://www.modsecurity.org/projects/commercial/rules/
http://www.modsecurity.org/projects/commercial/support/
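
Added example (not written by anyone in this thread, and not code from WAF-FLE, AuditConsole or ModSecurity): a minimal report over the native audit log that the original question asks about, counting rule hits and the source addresses that triggered them. It assumes the ModSecurity 2.x serial audit log format with sections A and H enabled; the function names, sample log, rule ids and addresses are constructed for illustration.

```python
import re
from collections import Counter

BOUNDARY = re.compile(r"^--([0-9a-fA-F]+)-([A-Z])--$")
TAG = re.compile(r'\[(id|msg) "((?:[^"\\]|\\.)*)"\]')

def parse_audit_log(text):
    """Group serial audit log lines into transactions, keyed by section letter."""
    events, current, part = [], None, None
    for line in text.splitlines():
        m = BOUNDARY.match(line)
        if m:
            part = m.group(2)
            if part == "A":  # new transaction; an unfinished one is discarded
                current = {"A": [], "H": []}
            elif part == "Z" and current is not None:  # trailer closes it
                events.append(current)
                current = None
        elif current is not None and part in current:
            current[part].append(line)
    return events

def summarize(events):
    """Count hits per (rule id, msg) and alerting transactions per source IP."""
    by_rule, by_source = Counter(), Counter()
    for ev in events:
        # Section A: [timestamp tz] unique_id src_ip src_port dst_ip dst_port
        header = ev["A"][0].split() if ev["A"] else []
        src = header[3] if len(header) >= 7 else "unknown"
        hits = [dict(TAG.findall(l)) for l in ev["H"] if l.startswith("Message:")]
        by_rule.update((h.get("id", "?"), h.get("msg", "")) for h in hits)
        by_source.update([src] if hits else [])
    return by_rule, by_source

# Constructed sample: two complete transactions and one truncated (no -Z- trailer).
SAMPLE = """--a1b2c3d4-A--
[03/Jun/2014:08:31:02 +0000] U43xQX8AAAEAAB1k 192.0.2.10 51234 198.51.100.5 80
--a1b2c3d4-H--
Message: Warning. [id "100001"] [msg "Constructed rule A"] [severity "CRITICAL"]
Message: Warning. [id "100002"] [msg "Constructed rule B"] [severity "NOTICE"]
--a1b2c3d4-Z--
--e5f6a7b8-A--
[03/Jun/2014:08:32:10 +0000] U43xQX8AAAEAAB1l 192.0.2.10 51240 198.51.100.5 80
--e5f6a7b8-H--
Message: Warning. [id "100001"] [msg "Constructed rule A"] [severity "CRITICAL"]
--e5f6a7b8-Z--
--0badc0de-A--
[03/Jun/2014:08:33:00 +0000] U43xQX8AAAEAAB1m 192.0.2.77 40000 198.51.100.5 80
--0badc0de-H--
Message: Warning. [id "100002"] [msg "Constructed rule B"] [severity "NOTICE"]"""
```

Calling `summarize(parse_audit_log(SAMPLE))` returns the two counters; the truncated third transaction is left out, which is the behaviour to want when reading a log that is still being written.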

