WAF-FLE is a OpenSource Console for ModSecurity, it allow the modsec admin to view and search events sent by mlogc (modsecurity event log handler).

Features:

  • Central event console
  • Support Modsecurity in “traditional” and “Anomaly Scoring”
  • Able to receive events sent from mlogc (in real-time or in batch using┬ámlogc-batch-load.pl)
  • No sensor number limit
  • Dashboard with recent events information
  • Drill down of events with filter
  • Every (almost) data is “clickable” to drill down the filter
  • Inverted filter (to filter for “all but this item”)
  • Filter for network (in CIDR format, x.x.x.x/22)
  • Raw event download
  • Use Mysql as database
  • Wizard to help configure log feed between ModSecurity sensors and WAF-FLE
  • Open Source released under GPL v2