teler v1.1 releases: Real-time HTTP Intrusion Detection
teler
teler is a real-time HTTP intrusion detection and threat alerting tool that works from web server logs. It runs in a terminal and matches traffic against threat resources collected and provided by the community.
Features
- Real-time: Analyze logs and identify suspicious activity in real-time.
- Alerting: It raises an alert when a threat is detected; push notifications are supported for Slack, Telegram, and Discord.
- Latest resources: Collections are continuously up-to-date.
- Minimal configuration: You can just run it against your log file, write the log format, and let teler analyze the log and show you alerts!
- Flexible log formats: It allows any custom log format string! It all depends on how you write the log format in the configuration file.
- Incremental log processing: Need data persistence rather than a buffered stream? It can process logs incrementally through the on-disk persistence options.
Why teler?
It was designed to be a fast, terminal-based threat analyzer. Its core idea is to quickly analyze and hunt threats in real-time!
Use
Here are all the switches it supports.
Flag | Description | Examples
---|---|---
-c, --config | teler configuration file | kubectl logs nginx \| teler -c /path/to/config/teler.yaml
-i, --input | Analyze logs from data persistence rather than buffer stream | teler -i /var/log/nginx/access.log
-x, --concurrent | Set the concurrency level to analyze logs (default: 20) | tail -f /var/log/nginx/access.log \| teler -x 50
-o, --output | Save detected threats to file | teler -i /var/log/nginx/access.log -o /tmp/threats.log
--json | Display threats in the terminal as JSON format | teler -i /var/log/nginx/access.log --json
--rm-cache | Remove all cached resources | teler --rm-cache
-v, --version | Show current teler version | teler -v
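To show what the "flexible log format" and file-based analysis described above involve, here is an added, stand-alone illustration (not teler's own code, and not its configuration syntax): an nginx-style format string with $variable placeholders is compiled into a regex with named groups, each access-log line is parsed with it, and two constructed detection rules are run over the extracted fields. The format string, the rules and the sample log lines are all constructed for this example.

```python
import re

# Constructed nginx-style log format; teler's real configuration syntax may differ.
LOG_FORMAT = ('$remote_addr - $remote_user [$time_local] "$request_method '
              '$request_uri $request_protocol" $status $body_bytes_sent '
              '"$http_referer" "$http_user_agent"')

# Constructed, deliberately small rule set: (rule name, field to inspect, pattern).
RULES = (
    ('directory traversal', 'request_uri', re.compile(r'\.\./|%2e%2e%2f', re.I)),
    ('known scanner user-agent', 'http_user_agent', re.compile(r'sqlmap|nikto', re.I)),
)

# Constructed sample log (one benign request, one traversal attempt, one scanner UA).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2020:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.9 - - [10/Oct/2020:13:55:37 +0000] "GET /static/../../etc/passwd HTTP/1.1" 404 153 "-" "curl/7.68.0"
203.0.113.12 - - [10/Oct/2020:13:55:38 +0000] "GET /login HTTP/1.1" 200 870 "-" "sqlmap/1.4"
"""


def format_to_regex(fmt):
    """Turn a $variable format string into an anchored regex with one named group per variable."""
    pattern = re.escape(fmt)  # literal delimiters (spaces, brackets, dashes) are escaped
    # re.escape turned '$name' into '\$name'; replace each with a non-greedy named group.
    pattern = re.sub(r'\\\$(\w+)', lambda m: f'(?P<{m.group(1)}>.*?)', pattern)
    return re.compile('^' + pattern + '$')


def scan(lines, regex=format_to_regex(LOG_FORMAT)):
    """Parse each line; return (alerts, unparsed). Alerts are (remote_addr, rule name) tuples."""
    alerts, unparsed = [], []
    for line in lines:
        line = line.rstrip('\n')
        if not line:
            continue
        m = regex.match(line)
        if m is None:
            unparsed.append(line)  # format mismatch: surface it rather than silently dropping it
            continue
        fields = m.groupdict()
        for name, field, pat in RULES:
            if pat.search(fields[field]):
                alerts.append((fields['remote_addr'], name))
    return alerts, unparsed


if __name__ == '__main__':
    found, bad = scan(SAMPLE_LOG.splitlines())
    for addr, rule in found:
        print(f'ALERT {addr}: {rule}')
    print(f'{len(bad)} unparsable line(s)')
```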
Changelog v1.1
3463ae5 ⬆️ Update dependencies
2a2831c Merge pull request #120 from kitabisa/all-contributors/add-ossie-git
709861d docs: update .all-contributorsrc [skip ci]
775a81e docs: update README.md [skip ci]
86ab500 📝 Update example of Apache log format (Close #115)
7710828 Merge pull request #119 from kitabisa/all-contributors/add-michael-bouvy
19b0094 docs: update .all-contributorsrc [skip ci]
fe171e7 docs: update README.md [skip ci]
1cbb9fd Merge pull request #118 from michael-bouvy/patch-1
aa79e5f Fix Docker image name in documentation
Download & Tutorial
Copyright © by Dwi Siswanto 2020.