ModSecurity Handbook: Getting Started - Bad Request
ModSecurity Handbook: Getting Started - Bad Request
ModSecurity Handbook: Getting Started - Bad Request
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
AuditConsole<br />
Using <strong>ModSecurity</strong> entirely from the command line is possible but not much fun. The<br />
configuration part is not a problem, but reviewing logs is difficult without higher-level tools.<br />
Your best choice for a log centralization and GUI tool is AuditConsole, which is built by Christian<br />
Bockermann and hosted on jwall.org [http://www.jwall.org].<br />
AuditConsole is free and provides the following features:<br />
• Event centralization from multiple remote <strong>ModSecurity</strong> installations<br />
• Event storage and retrieval<br />
• Support for multiple user accounts and support for different views<br />
• Event tagging<br />
• Event rules, which are executed in the console<br />
Summary<br />
This chapter was your <strong>ModSecurity</strong> orientation. I introduced <strong>ModSecurity</strong> at a high level,<br />
discussed what it is and what it isn’t, and what it can do and what it cannot. I also gave you a<br />
taste of what <strong>ModSecurity</strong> is like and described common usage scenarios, as well as covered<br />
some of the interesting parts of its operation.<br />
The foundation you now have should be enough to help you set off on a journey of <strong>ModSecurity</strong><br />
exploration. The next chapter discusses installation.<br />
AuditConsole 21