Support regular expressions in rules and views for text logs
Please include support for regular expressions to be used in text log rules and views. There are ways to identify threats to web applications but most require use of regular expressions. The following source defines RE's for the top 10 threats:
http://www.sans.org/reading-room/whitepapers/logging/detecting-attacks-web-applications-log-files-2074
5
votes
