Free security log analyzer for apache

analysis, apache-http-server, logging, Security

What I need is a forensic log analyzer tool for Apache to do the aftermath of a successful abuse of service attack which took place 2-3 months in the past. We are running a shared hosting service and one of our customers seems to have (or had) an exploitable script running. I suspect that I could find clues and hints in the logs but they are just too huge to browse through them manually or grep regexps from them.

Is there a tool which can do it and has predefined search patterns for known attacks and probably even heuristics to discover suspicious activities?

I do not look for a tool to do real-time blocking of such attempts because I need to analyze past logs and see if the exploit has been closed.

Best Answer

  • Probably, AWStats can help you. It is a free and open-source tool.

    Edit/Update:
    Check out Phpida and Scalp as well. They are security analyzers looking for HTTP attacks, SQL injection etc.
    http://sourceforge.net/projects/phpida/
    http://code.google.com/p/apache-scalp/
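
Added example, not part of the original answer and not code from AWStats, Phpida or Scalp: a minimal offline scan of Apache combined-format access logs that restricts matches to a past time window and counts hits per script, which is the triage the question describes. The names scan, SIGNATURES and SAMPLE, the four patterns, and the sample paths and addresses are assumptions made for this sketch.

```python
import re
from collections import Counter
from datetime import datetime, timezone
from urllib.parse import unquote_plus

# Apache "combined" format: host ident user [time] "request" status bytes ...
LINE_RE = re.compile(r'(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                     r'"[A-Z]+ (?P<uri>\S+)[^"]*" (?P<status>\d{3}) ')

# Small illustrative rule set (an assumption of this example); dedicated
# analyzers carry far more patterns.
SIGNATURES = {
    "sqli": re.compile(r"union\s+select|or\s+1\s*=\s*1|information_schema", re.I),
    "traversal": re.compile(r"\.\./|/etc/passwd", re.I),
    "xss": re.compile(r"<script|javascript:", re.I),
    "rfi": re.compile(r"=(https?|ftp)://", re.I),
}

def scan(lines, start, end):
    """Return (hits, per_script); each hit is (time, ip, path, status, rule)."""
    hits, per_script = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format line
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if not (start <= ts < end):
            continue  # outside the incident window
        path = m["uri"].split("?", 1)[0]
        # Decode twice so double-encoded payloads (%252f) are matched too.
        uri = unquote_plus(unquote_plus(m["uri"]))
        for rule, rx in SIGNATURES.items():
            if rx.search(uri):
                hits.append((ts, m["ip"], path, int(m["status"]), rule))
                per_script[path] += 1
    return hits, per_script

# Constructed sample lines (documentation address ranges, hypothetical paths).
SAMPLE = [
    '203.0.113.7 - - [12/Mar/2011:04:15:02 +0000] "GET /shop/item.php?id=1%20UNION%20SELECT%20user,pass%20FROM%20users HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Mar/2011:04:15:09 +0000] "GET /shop/view.php?file=..%252f..%252fetc%252fpasswd HTTP/1.1" 200 812 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [12/Mar/2011:09:30:00 +0000] "GET /shop/item.php?id=42 HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [02/Jun/2011:10:00:00 +0000] "GET /shop/item.php?id=1+or+1=1 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    window = (datetime(2011, 3, 1, tzinfo=timezone.utc), datetime(2011, 4, 1, tzinfo=timezone.utc))
    for hit in scan(SAMPLE, *window)[0]:
        print(*hit)
```

An open log file can be passed as lines, so large logs are read one line at a time; running the same scan over a later window shows whether matching requests against the same script continued after the fix.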
