turbot/tailpipe-mod-apache-access-log-detections

Apache Access Log Detections Mod

Tailpipe is an open-source CLI tool that allows you to collect logs and query them with SQL.

The Apache Access Log Detections Mod contains pre-built dashboards and detections, which can be used to monitor and analyze activity across your Apache servers.

Documentation

Getting Started

Install Powerpipe from the downloads page:

# MacOS
brew install turbot/tap/powerpipe
# Linux or Windows (WSL)
sudo /bin/sh -c "$(curl -fsSL https://powerpipe.io/install/powerpipe.sh)"

This mod also requires Apache access logs to be collected using Tailpipe with the Apache plugin.

Install the mod:

mkdir dashboards
cd dashboards
powerpipe mod install github.com/turbot/tailpipe-mod-apache-access-log-detections

Browsing Dashboards

Start the dashboard server:

powerpipe server

Browse and view your dashboards at http://localhost:9033.

Running Benchmarks in Your Terminal

Instead of running benchmarks in a dashboard, you can also run them within your terminal with the powerpipe benchmark command:

List available benchmarks:

powerpipe benchmark list

Run a benchmark:

powerpipe benchmark run apache_access_log_detections.benchmark.owasp_top_10

Different output formats are also available. For more information, see Output Formats.