Customer log analysis and action module from Secpanel
Glad to share a new module in Secpanel, the security tool for servers.
Secpanel now offers a custom log analysis option. You can specify a target file and a bad pattern, which you want to protect against. You can also set a threshold and a desired action if the threshold is met.
For example: If you would like to search for 'Failed password' in the /var/log/secure file with a threshold of 5 and a desired action of banning the offending IP, it can be achieved with this module.
You can choose between two different actions: banning or emailing you about the occurrence of the incident.
You can use Analyzer to stop brute force attacks, application attacks or stop or track any other patterns or attacks which will create any kind of noise or known / determinable patterns in any of the log files.