https://docs.mitigator.ru/v26.04/en/tags/logan/ Recent content in Logan on BIFIT Mitigator Hugo -- gohugo.io en https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/al/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/al/ Analyzes web server logs in access.log format and calculates statistics. It allows to identify anomalies and attacking IP addresses. Can be used when writing filtering rules in LOGAN. The mechanism accepts a file with Web server Access logs in “File for analysis” field and a log format in “NGINX log-format” field. The “Output threshold” field specifies the minimum number of repetitions of the calculated parameter to be included in the report. https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/goaccess/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/goaccess/ Generating a report using the GoAccess.io log analyzer. Goaccess log analyzer analyzes web server logs. Can be used alone or in combination with «Log Analyzer» to obtain additional statistics. The file for analysis is specified in the “File for analysis” field. The Goaccess format is specified in the “log-format” field. It may be convenient to use third-party tools if you need to convert NGINX log-format to goaccess config, for example nginx2goaccess. https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/log-format/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/log-format/ The mechanism recognizes the log format in the uploaded file. Can be used when describing the log format in LOGAN or Log analyzer. Related Content Goaccess Log Analyzer Log Analyzer Logan Rules Generator ACL Rules Generator Express report by IP address IP Analyzer Multipurpose Analyzer Payload Analyzer Service Analyzer Service Change Log https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/logan-rules/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/psg/psg-analysis/logan-rules/ The mechanism generates rules for LOGAN based on an uploaded web server log file. To initiate the generation, you need to specify the log format, which can be determined using the Log Format Analyzer. Related Content Goaccess Log Analyzer Log Analyzer Log Format Analyzer ACL Rules Generator Express report by IP address IP Analyzer Multipurpose Analyzer Payload Analyzer Service Analyzer Service Change Log https://docs.mitigator.ru/v26.04/en/integrate/log-analyzer/ Mon, 01 Jan 0001 00:00:00 +0000 https://docs.mitigator.ru/v26.04/en/integrate/log-analyzer/ Info The log analysis functionality is additionally licensed. Logan is a MITIGATOR functionality for analyzing logs of a protected Web server (HTTP, HTTPS), detecting anomalies and attacking addresses. Protected servers send their logs to the Logan using syslog RFC 3164 (UDP, TCP). Logan can be located on the same server as the rest of the MITIGATOR, or separately. Logan on MITIGATOR Instance The following steps assume that an instance of MITIGATOR has already been installed.