teler v1.1 releases: Real-time HTTP Intrusion Detection
teler is a real-time HTTP intrusion detection and threat alerting tool. It works from web server logs, runs in a terminal, and uses threat resources collected and provided by the community.
- Real-time: Analyze logs and identify suspicious activity in real-time.
- Alerting: It raises an alert when a threat is detected; push notifications are supported for Slack, Telegram, and Discord.
- Latest resources: Collections are continuously up-to-date.
- Minimal configuration: You can just run it against your log file, write the log format, and let teler analyze the log and show you alerts!
- Flexible log formats: It allows any custom log format string! It all depends on how you write the log format in the configuration file.
- Incremental log processing: Need data persistence rather than a buffered stream? teler can process logs incrementally through its on-disk persistence options.
It was designed to be a fast, terminal-based threat analyzer. Its core idea is to quickly analyze and hunt threats in real-time!
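To make the "custom log format string" idea concrete, here is an added Go example (not teler's own code) that turns a `$variable` format string into a regexp, parses constructed access-log lines with it, and runs two constructed detection rules over the parsed fields. The format string, rule patterns and sample lines are all assumptions made for the example; teler's real parser and community resource collections are not shown here.

```go
package main

import (
	"fmt"
	"regexp"
)
// Constructed nginx "combined" format written with teler-style $variables
// (illustrative; this is not teler's own log_format parser).
const logFormat = `$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent"`
var varRe = regexp.MustCompile(`\$([a-z_]+)`)
// formatToRegexp compiles a $variable format string into an anchored regexp with one
// named, non-greedy group per variable; quoted literal text in between separates fields.
func formatToRegexp(format string) *regexp.Regexp {
	pattern, last := "^", 0
	for _, m := range varRe.FindAllStringSubmatchIndex(format, -1) {
		pattern += regexp.QuoteMeta(format[last:m[0]]) + "(?P<" + format[m[2]:m[3]] + ">.*?)"
		last = m[1]
	}
	return regexp.MustCompile(pattern + regexp.QuoteMeta(format[last:]) + "$")
}
// rule is a constructed detection rule (a stand-in for teler's community resources).
type rule struct{ name, field string; pattern *regexp.Regexp }
var rules = []rule{
	{"path traversal", "request", regexp.MustCompile(`(?i)(\.\./|%2e%2e%2f)`)},
	{"scanner user agent", "http_user_agent", regexp.MustCompile(`(?i)^(sqlmap|nikto)`)},
}
// analyze parses each line with the format regexp, skips lines that do not match it,
// and returns one alert string per rule hit.
func analyze(re *regexp.Regexp, lines []string) []string {
	var alerts []string
	for _, line := range lines {
		m := re.FindStringSubmatch(line)
		if m == nil {
			continue // not in the configured format
		}
		for _, r := range rules {
			if idx := re.SubexpIndex(r.field); idx > 0 && r.pattern.MatchString(m[idx]) {
				alerts = append(alerts, fmt.Sprintf("%s from %s: %q", r.name, m[re.SubexpIndex("remote_addr")], m[idx]))
			}
		}
	}
	return alerts
}
// Constructed sample access-log lines: one benign, one traversal, one scanner.
var sampleLines = []string{
	`198.51.100.4 - - [10/Oct/2020:13:55:36 +0000] "GET /index.html HTTP/1.1" 200 1043 "-" "Mozilla/5.0"`,
	`203.0.113.7 - - [10/Oct/2020:13:55:40 +0000] "GET /view?file=../../etc/passwd HTTP/1.1" 403 0 "-" "curl/7.68.0"`,
	`203.0.113.9 - - [10/Oct/2020:13:55:42 +0000] "GET / HTTP/1.1" 200 1043 "-" "sqlmap/1.4"`,
}
```

Calling `analyze(formatToRegexp(logFormat), sampleLines)` yields two alerts, one for the traversal request and one for the scanner user agent, while the benign line and any line outside the configured format produce none.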
Here are all the switches it supports.
| Flag | Description | Example |
|---|---|---|
| `-c` | teler configuration file | `kubectl logs nginx \| teler -c /path/to/config/teler.yaml` |
| `-i` | Analyze logs from data persistence rather than buffer stream | `teler -i /var/log/nginx/access.log` |
| `-x` | Set the concurrency level to analyze logs | `tail -f /var/log/nginx/access.log \| teler -x 50` |
| `-o` | Save detected threats to file | `teler -i /var/log/nginx/access.log -o /tmp/threats.log` |
| `--json` | Display threats in the terminal as JSON format | `teler -i /var/log/nginx/access.log --json` |
| `--rm-cache` | Remove all cached resources | `teler --rm-cache` |
| `-v` | Show current teler version | `teler -v` |
3463ae5 ⬆️ Update dependencies
2a2831c Merge pull request #120 from kitabisa/all-contributors/add-ossie-git
709861d docs: update .all-contributorsrc [skip ci]
775a81e docs: update README.md [skip ci]
86ab500 📝 Update example of Apache log format (Close #115)
7710828 Merge pull request #119 from kitabisa/all-contributors/add-michael-bouvy
19b0094 docs: update .all-contributorsrc [skip ci]
fe171e7 docs: update README.md [skip ci]
1cbb9fd Merge pull request #118 from michael-bouvy/patch-1
aa79e5f Fix Docker image name in documentation
Copyright © by Dwi Siswanto 2020.