~Open Source Security Tool of the Day~

#osstotd

teler

Real-time HTTP Intrusion Detection

`teler` is a **real-time intrusion detection** and threat alerting tool based on web logs. It runs in a **terminal** and uses threat resources collected by the project and contributed by the community.

Features

- **Real-time**: Analyze logs and identify suspicious activity in real-time.

- **Alerting**: teler alerts you when a threat is detected, with push notifications to Slack, Mattermost, Telegram and Discord.

- **Monitoring**: teler exposes its own metrics so you can monitor threats easily; it uses Prometheus for that.

- **Logging**: detected threats can also be written to a log file or sent to the Zinc log search engine.

- **Latest resources**: the threat resource collections are continuously kept up to date.

- **Minimal configuration**: You can just run it against your log file, write the log format and let teler analyze the log and show you alerts!

- **Flexible log formats**: teler allows any custom log format string! It all depends on how you write the log format in the configuration file.

- **Custom threat rules**: Want to reach a wider range of threats instead of engine-based _(default)_ rules? You can customize threat rules!

- **Incremental log processing**: Need data persistence rather than a buffered stream? teler can process logs incrementally through its on-disk persistence options.
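To make the "flexible log formats" and "custom threat rules" points concrete, here is an added Go example (illustration only, not teler's own code): it compiles an nginx-style log format string with `$variable` placeholders into a regexp with one named group per field, parses a log line into those fields, and runs a single detection rule over the request field. The format string, the log lines and the `pathTraversal` rule are constructed for the example.

```go
package main

import (
	"fmt"
	"regexp"
)

// Added illustration, not teler's own code: compile a log format string with
// $variable placeholders into a regexp with named groups, one per field.
var placeholder = regexp.MustCompile(`\$(\w+)`)

// CompileLogFormat escapes the literal text of the format and replaces each
// $name with a named group: inside quotes it matches anything but '"', inside
// brackets anything but ']', otherwise a run of non-space characters.
func CompileLogFormat(format string) (*regexp.Regexp, error) {
	expr, last := "^", 0
	for _, m := range placeholder.FindAllStringSubmatchIndex(format, -1) {
		pat := `\S+`
		if m[0] > 0 && format[m[0]-1] == '"' {
			pat = `[^"]*`
		} else if m[0] > 0 && format[m[0]-1] == '[' {
			pat = `[^\]]*`
		}
		expr += regexp.QuoteMeta(format[last:m[0]]) + fmt.Sprintf("(?P<%s>%s)", format[m[2]:m[3]], pat)
		last = m[1]
	}
	return regexp.Compile(expr + regexp.QuoteMeta(format[last:]) + "$")
}

// ParseLine maps field names to values for one log line; nil if it does not match.
func ParseLine(re *regexp.Regexp, line string) map[string]string {
	m := re.FindStringSubmatch(line)
	if m == nil {
		return nil
	}
	fields := map[string]string{}
	for i, name := range re.SubexpNames() {
		if name != "" {
			fields[name] = m[i]
		}
	}
	return fields
}

// pathTraversal is a constructed detection rule; IsSuspicious applies it to the
// request field of a parsed line (false when the line did not parse at all).
var pathTraversal = regexp.MustCompile(`(?i)\.\./|%2e%2e%2f`)
func IsSuspicious(fields map[string]string) bool {
	return fields != nil && pathTraversal.MatchString(fields["request"])
}
```

With the nginx "combined" format string, a line such as `203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET /static/../../etc/passwd HTTP/1.1" 404 153 "-" "curl/8.1.2"` parses into eight fields and trips the rule; a line that does not match the format yields nil and is never flagged.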

Why teler?

teler was designed to be a fast, terminal-based threat analyzer. Its core idea is to quickly analyze and hunt threats in real time!

https://github.com/kitabisa/teler
