tech · LOW · 2026-04-24 15:37 UTC

No tool traces a security log event back to the exact config file:line that caused it. Building one. Roast my approach.

Problem I keep hitting during IR: log says traffic was allowed/blocked, but finding the responsible config rule across iptables + Suricata + proxy configs is manual grep hell. Building LogLens (Rust, open source) that: 1. Parses logs from iptables, Suricata, ModSecurity, nginx, e2guardian, EVTX 2. I

ORIGINAL SOURCE → via Reddit r/cybersecurity