WAF-FLE is a console for ModSecurity. It allows modsec administrators to view and search events logged by mlogc or mlog2waffle. The dashboard shows a graphical view of events, and when combined with the powerful drill-down filter allows quick searching for relevant events. Events can be viewed in detail, whether sent by one or many sensors.
|Tags||Security waf web application firewall|
|Implementation||PHP 5.3 + MySQL|
Release Notes: Many bugs were fixed, such as better deletion of events when using filters; better handling of events from badly formed requests; and a fixed version of mlog2waffle, which is working better in batch mode. mlog2wafle now supports sending events to waf-fle in SSL with a self-signed certificate. There is improved setup for permissions of a non-localhost database.
Release Notes: This release features a filter-enabled Dashboard, the ability to delete events by filter, compression of full events, use of X-Forwarded-For or other headers as the source address, support for the ModSecurity 2.7 Engine-Mode variable, GeoIP support in the dashboard, mlog2waffle, a daemon that works as a replacement for mlogc, a much improved sensor and user management interface, improved ModSecurity events parsing supporting some new fields like stopwatch2, and many bugfixes.
Release Notes: An issue that prevented users from creating a new sensor, something essential to WAF-FLE usage, has been fixed.
Release Notes: This is a major release, with many new features, improvements, and bugfixes. You can now use filters in the dashboard. All charts and tables are clickable for drilling down into data. Compression of full events was implemented, saving around 60% of space. A setup script helps with dependency checking and database creation/migration. mlog2waffle was included - a daemon that works as a replacement to mlogc.