{"id":4027,"date":"2016-02-02T15:31:42","date_gmt":"2016-02-02T07:31:42","guid":{"rendered":"https:\/\/www.darknet.org.uk\/?p=4027"},"modified":"2016-02-02T15:31:52","modified_gmt":"2016-02-02T07:31:52","slug":"waf-fle-graphical-modsecurity-console-dashboard","status":"publish","type":"post","link":"https:\/\/www.darknet.org.uk\/2016\/02\/waf-fle-graphical-modsecurity-console-dashboard\/","title":{"rendered":"WAF-FLE &#8211; Graphical ModSecurity Console Dashboard"},"content":{"rendered":"<p>WAF-FLE (Web Application Firewall: Fast Log and Event Console) is a OpenSource <a href=\"https:\/\/www.darknet.org.uk\/2015\/11\/modsecurity-open-source-web-application-firewall\/\">ModSecurity<\/a> Console &#8211; which allows the modsecurity admin to store, view and search events sent by sensors.<\/p>\n<p align=\"center\"><img decoding=\"async\" src=\"https:\/\/c2.staticflickr.com\/2\/1445\/24767714035_4def457efd.jpg\" alt=\"WAF-FLE - Graphical ModSecurity Console Dashboard\" \/><\/p>\n<p>It uses a graphical dashboard to drill-down and find quickly the most relevant events. It is designed to be fast and flexible, while keeping a powerful and easy to use filter, with almost all fields clickable to use on filter.<\/p>\n<h3>Features<\/h3>\n<ul>\n<li>Central event console<\/li>\n<li>Support Modsecurity in \u201ctraditional\u201d and \u201cAnomaly Scoring\u201d<\/li>\n<li>Brings mlog2waffle as a replacement to mlogc<\/li>\n<li>Receive events using mlog2waffle or mlogc<\/li>\n<ul>\n<li>mlog2waffle: in real-time, following log tail, or batch scheduled in crontab<\/li>\n<li>mlogc: in real-time, piped with ModSecurity log, in batch scheduled in crontab<\/li>\n<\/ul>\n<li>No sensor limit<\/li>\n<li>Drill down of events with filter<\/li>\n<li>Dashboard with recent events information<\/li>\n<li>Almost every event data and charts are \u201cclickable\u201d deepening the drill down filter<\/li>\n<li>Inverted filter (to filter for \u201call but this item\u201d)<\/li>\n<li>Filter for network (in CIDR format, x.x.x.x\/22)<\/li>\n<li>Original format (Raw) to event download<\/li>\n<li>Use Mysql as database<\/li>\n<li>Wizard to help configure log feed between ModSecurity sensors and WAF-FLE<\/li>\n<li>Open Source released under GPL v2<\/li>\n<\/ul>\n<h3>Requirements<\/h3>\n<ul>\n<li>   Apache 2.x server with modrewrite<\/li>\n<li>   PHP 5.3 or higher<\/li>\n<li>   PHP PDO Mysql extension<\/li>\n<li>   PHP GeoIP extension<\/li>\n<li>   MySQL 5.1 or later<\/li>\n<\/ul>\n<p>Supported:<\/p>\n<p>Consider installing APC or APCu (php cache) to improve WAF-FLE performance.<\/p>\n<p>You can download WAF-FLE here:<\/p>\n<p><a href=\"https:\/\/github.com\/klaubert\/waf-fle\/archive\/master.zip\">waf-fle-master.zip<\/a><\/p>\n<p>Or read more <a href=\"https:\/\/github.com\/klaubert\/waf-fle\">here<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>WAF-FLE (Web Application Firewall: Fast Log and Event Console) is a OpenSource ModSecurity Console &#8211; which allows the modsecurity admin to store, view and search events sent by sensors. It uses a graphical dashboard to drill-down and find quickly the most relevant events. It is designed to be fast and flexible, while keeping a powerful [&hellip;]<\/p>\n","protected":false},"author":25,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_seopress_robots_primary_cat":"","_seopress_titles_title":"","_seopress_titles_desc":"WAF-FLE (Fast Log and Event Console) is a OpenSource ModSecurity Console -\u00a0 which allows the modsecurity admin to store, view and search events.","_seopress_robots_index":"","_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[12,11],"tags":[2598,267],"featured_image_src":null,"featured_image_src_square":null,"author_info":{"display_name":"Darknet","author_link":"https:\/\/www.darknet.org.uk\/author\/darknet\/"},"_links":{"self":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/4027"}],"collection":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/users\/25"}],"replies":[{"embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/comments?post=4027"}],"version-history":[{"count":0,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/posts\/4027\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/media?parent=4027"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/categories?post=4027"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.darknet.org.uk\/wp-json\/wp\/v2\/tags?post=4027"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}