Re: [mod-security-users] log formatting utility

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

Have you tried the community console?
http://www.modsecurity.org/projects/console/index.html.  It stores the
Mod audit log data in a DB and has a searching interface where you can
extract/view/sort based on the parameters you mentioned.

-- 
Ryan C. Barnett
ModSecurity Community Manager
Breach Security: Director of Application Security
Web Application Security Consortium (WASC) Member
CIS Apache Benchmark Project Lead
SANS Instructor, GCIA, GCFA, GCIH, GSNA, GCUX, GSEC
Author: Preventing Web Attacks with Apache

> -----Original Message-----
> From: mod...@li... [mailto:mod-
> sec...@li...] On Behalf Of R.A. Imhoff
> Sent: Tuesday, August 05, 2008 10:01 AM
> To: mod...@li...
> Subject: [mod-security-users] log formatting utility
> 
> Is there any sort of utility that would enable one to format the audit
> log for importing into a database so one could analyze it (off-line)
> more efficiently?
> 
> For example, if one could dissect the log so that the host, the called
> url, the user agent, the result code and the rules that fired were all
> imported into different fields in a table, one could more quickly sort
> through them, for example by discarding all requests from spiders that
> don't fill in the response headers correctly, etc.
> 
> Many thanks for any hints!
> Robert Imhoff
> 
>
------------------------------------------------------------------------
-
> This SF.Net email is sponsored by the Moblin Your Move Developer's
> challenge
> Build the coolest Linux based applications with Moblin SDK & win great
> prizes
> Grand prize is a trip for two to an Open Source event anywhere in the
> world
> http://moblin-contest.org/redirect.php?banner_id=100&url=/
> _______________________________________________
> mod-security-users mailing list
> mod...@li...
> https://lists.sourceforge.net/lists/listinfo/mod-security-users