teler v2.0-dev releases: Real-time HTTP Intrusion Detection
teler
teler is a real-time HTTP intrusion detection and threat alerting tool that works from web server logs. It runs in a terminal and relies on detection resources that are collected and provided by the community.
Features
- Real-time: Analyze logs and identify suspicious activity in real-time.
- Alerting: It sends a push notification when a threat is detected; supported channels include Slack, Telegram, and Discord.
- Latest resources: Collections are continuously up-to-date.
- Minimal configuration: You can just run it against your log file, write the log format, and let teler analyze the log and show you alerts!
- Flexible log formats: It allows any custom log format string! It all depends on how you write the log format in the configuration file.
- Incremental log processing: Need data persistence rather than buffer stream? It has the ability to process logs incrementally through the on-disk persistence options.
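The feature list above hinges on one idea: the log format is a configurable `$variable` string, and detection rules are applied to the fields that string extracts from each line. The following Go program is an added illustration of that idea, not teler's own code (teler's changelog shows it depends on github.com/satyrius/gonx for format parsing; here the conversion is done with the standard library instead). The format string, the three detection rules, and the access-log lines are all constructed for the example.

```go
package main

import (
	"regexp"
	"strings"
)

// Constructed nginx-style format string in the $variable notation teler's
// configuration uses (the teler.yaml key name is not shown on the page).
const sampleFormat = `$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"`

// Constructed access-log lines: benign, a traversal probe, a request tripping
// two rules at once, and one line that does not follow the format at all.
var sampleLines = []string{
	`203.0.113.10 - - [10/Oct/2022:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 612 "-" "Mozilla/5.0"`,
	`203.0.113.11 - - [10/Oct/2022:13:55:40 +0000] "GET /static/../../etc/passwd HTTP/1.1" 404 153 "-" "Mozilla/5.0"`,
	`203.0.113.12 - - [10/Oct/2022:13:55:41 +0000] "GET /login?user=admin'%20or%201=1 HTTP/1.1" 200 900 "-" "sqlmap/1.6"`,
	`garbled line that does not follow the configured format`,
}

var varRe = regexp.MustCompile(`\$[A-Za-z_][A-Za-z0-9_]*`)

// formatToRegexp turns a $variable format string into an anchored regexp with
// one named group per variable. Literal text between variables is quoted so
// that [ ] . match literally; each variable captures non-greedily up to the
// next literal delimiter, which is how "$request" stays inside its quotes.
func formatToRegexp(format string) (*regexp.Regexp, error) {
	var sb strings.Builder
	sb.WriteString("^")
	last := 0
	for _, loc := range varRe.FindAllStringIndex(format, -1) {
		sb.WriteString(regexp.QuoteMeta(format[last:loc[0]]))
		sb.WriteString("(?P<" + format[loc[0]+1:loc[1]] + ">.*?)") // name without '$'
		last = loc[1]
	}
	sb.WriteString(regexp.QuoteMeta(format[last:]) + "$")
	return regexp.Compile(sb.String())
}

// parseLine returns the captured fields keyed by variable name, or false when
// the line does not match the configured format.
func parseLine(re *regexp.Regexp, line string) (map[string]string, bool) {
	m := re.FindStringSubmatch(line)
	if m == nil {
		return nil, false
	}
	fields := make(map[string]string, len(m))
	for i, name := range re.SubexpNames() {
		if i > 0 && name != "" {
			fields[name] = m[i]
		}
	}
	return fields, true
}

// rule is a constructed detection signature over one parsed field. teler's
// real rules come from its community resources; these are stand-ins.
type rule struct {
	name, field string
	re          *regexp.Regexp
}

var rules = []rule{
	{"path traversal", "request", regexp.MustCompile(`(?i)(\.\./|%2e%2e(/|%2f))`)},
	{"sql injection probe", "request", regexp.MustCompile(`(?i)(union(\s|%20)+select|'(\s|%20)*or(\s|%20)+1=1)`)},
	{"bad crawler", "http_user_agent", regexp.MustCompile(`(?i)(sqlmap|nikto)`)},
}

// Alert is one detection: line number, rule, source address and the matching field.
type Alert struct {
	Line                     int
	Rule, RemoteIP, Evidence string
}

// analyze compiles the format once, then walks lines the way a tailed stream
// would be walked: unparsable lines are skipped (a real tool should count
// them, since a silently wrong format means zero alerts), and every rule that
// fires on a parsed line yields an Alert.
func analyze(format string, lines []string) ([]Alert, error) {
	re, err := formatToRegexp(format)
	if err != nil {
		return nil, err
	}
	var alerts []Alert
	for i, line := range lines {
		fields, ok := parseLine(re, line)
		if !ok {
			continue
		}
		for _, r := range rules {
			if r.re.MatchString(fields[r.field]) {
				alerts = append(alerts, Alert{i + 1, r.name, fields["remote_addr"], fields[r.field]})
			}
		}
	}
	return alerts, nil
}
```

Calling `analyze(sampleFormat, sampleLines)` yields three alerts: the traversal probe on line 2 and, on line 3, both the injection probe and the crawler user agent. The fourth line is dropped by `parseLine` because it does not match the format, which is the failure mode to watch for when writing a custom format string: a mismatch does not produce an error, it produces silence.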
Why teler?
It was designed to be a fast, terminal-based threat analyzer. Its core idea is to quickly analyze and hunt threats in real-time!
Use
Here are all the switches it supports.
Flag | Description | Examples |
---|---|---|
`-c, --config` | teler configuration file | `kubectl logs nginx \| teler -c /path/to/config/teler.yaml` |
`-i, --input` | Analyze logs from data persistence rather than buffer stream | `teler -i /var/log/nginx/access.log` |
`-x, --concurrent` | Set the concurrency level to analyze logs (default: 20) | `tail -f /var/log/nginx/access.log \| teler -x 50` |
`-o, --output` | Save detected threats to file | `teler -i /var/log/nginx/access.log -o /tmp/threats.log` |
`--json` | Display threats in the terminal as JSON format | `teler -i /var/log/nginx/access.log --json` |
`--rm-cache` | Remove all cached resources | `teler --rm-cache` |
`-v, --version` | Show current teler version | `teler -v` |
Changelog v2.0-dev
- dfdc7d3 move quote above of filters range
- 6c76619 add IsAny method for matchers package
- 667c814 build(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.3.1
- 82f1c68 ci(review): add branches pattern for v2 to trigger
- 2a9a6f2 ci(publish): duplicate job name
- 9651b3a config: move ref to new page
- fe9e22d ci: merge publish workflow to release
- 0a1aa8d ci: remove sonar-scanner step
- 79aa998 build(deps): bump actions/stale from 5 to 6
- aac1d70 workflow+build: add --snapshot flag for build all
- 51e601e build(deps): bump github.com/satyrius/gonx from 1.3.0 to 1.4.0 (#253)
- 4eedb70 docs: license notes
Download & Tutorial
Copyright © by Dwi Siswanto 2020.