teler v2.0-dev releases: Real-time HTTP Intrusion Detection
teler is a real-time HTTP intrusion detection and threat alerting tool based on web logs. It runs in a terminal and uses resources that we collect and that are provided by the community.
- Real-time: Analyze logs and identify suspicious activity in real-time.
- Alerting: It sends an alert when a threat is detected; push notifications include Slack, Telegram, and Discord.
- Latest resources: Collections are kept continuously up to date.
- Minimal configuration: You can just run it against your log file, write the log format, and let teler analyze the log and show you alerts!
- Flexible log formats: It allows any custom log format string! It all depends on how you write the log format in the configuration file.
- Incremental log processing: Need data persistence rather than buffer stream? It has the ability to process logs incrementally through the on-disk persistence options.
It was designed to be a fast, terminal-based threat analyzer. Its core idea is to quickly analyze and hunt threats in real-time!
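The "Flexible log formats" item above means the format string is what turns a raw line into fields a detector can inspect. The following is an added illustration, not teler's own code: it assumes nginx-style `$name` placeholders (the syntax used by gonx, the parser library named in the changelog), and `CompileFormat`, `ParseLine`, the format and the log lines are hypothetical, constructed for this example.

```go
package main

import (
	"fmt"
	"regexp"
	"strings"
)

// varRe finds nginx-style placeholders such as $remote_addr (assumed syntax).
var varRe = regexp.MustCompile(`\$([a-z][a-z0-9_]*)`)

// CompileFormat turns a format string into an anchored regexp: one lazy named
// group per $variable, with the text between variables matched literally.
func CompileFormat(format string) *regexp.Regexp {
	var b strings.Builder
	b.WriteString("^")
	last := 0
	for _, m := range varRe.FindAllStringSubmatchIndex(format, -1) {
		b.WriteString(regexp.QuoteMeta(format[last:m[0]]))
		fmt.Fprintf(&b, "(?P<%s>.*?)", format[m[2]:m[3]])
		last = m[1]
	}
	b.WriteString(regexp.QuoteMeta(format[last:]) + "$")
	return regexp.MustCompile(b.String())
}

// ParseLine returns the fields of one log line, or ok=false when the line does
// not fit the format; such a line yields no fields to analyse.
func ParseLine(re *regexp.Regexp, line string) (map[string]string, bool) {
	m := re.FindStringSubmatch(line)
	if m == nil {
		return nil, false
	}
	fields := make(map[string]string)
	for i, name := range re.SubexpNames() {
		if name != "" {
			fields[name] = m[i]
		}
	}
	return fields, true
}

func main() {
	// Constructed format and log lines, for illustration only.
	re := CompileFormat(`$remote_addr - [$time_local] "$request_method $request_uri" $status`)
	_, ok := ParseLine(re, `203.0.113.7 GET /index.php 200`) // layout differs from the format
	f, _ := ParseLine(re, `203.0.113.7 - [10/Oct/2022:13:55:36 +0000] "GET /a?id=1" 200`)
	fmt.Println(ok, f["request_uri"], f["status"])
}
```

A format that does not match the server's real log layout produces no fields for any line, so it is worth checking the configured format against a few real log lines before relying on alerts.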
Here are all the switches it supports.
| Flag | Description | Example |
|---|---|---|
| `-c` | teler configuration file | `kubectl logs nginx \| teler -c /path/to/config/teler.yaml` |
| `-i` | Analyze logs from data persistence rather than buffer stream | `teler -i /var/log/nginx/access.log` |
| `-x` | Set the concurrency level to analyze logs | `tail -f /var/log/nginx/access.log \| teler -x 50` |
| `-o` | Save detected threats to file | `teler -i /var/log/nginx/access.log -o /tmp/threats.log` |
| `--json` | Display threats in the terminal in JSON format | `teler -i /var/log/nginx/access.log --json` |
| `--rm-cache` | Remove all cached resources | `teler --rm-cache` |
| `-v` | Show current teler version | `teler -v` |
- dfdc7d3 move quote above of filters range
- 6c76619 add IsAny method for matchers package
- 667c814 build(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.3.1
- 82f1c68 ci(review): add branches pattern for v2 to trigger
- 2a9a6f2 ci(publish): duplicate job name
- 9651b3a config: move ref to new page
- fe9e22d ci: merge publish workflow to release
- 0a1aa8d ci: remove sonar-scanner step
- 79aa998 build(deps): bump actions/stale from 5 to 6
- aac1d70 workflow+build: add --snapshot flag for build all
- 51e601e build(deps): bump github.com/satyrius/gonx from 1.3.0 to 1.4.0 (#253)
- 4eedb70 docs: license notes
Copyright © by Dwi Siswanto 2020.