Pentest Tools

Published on September 3rd, 2016 📆 | 8273 Views ⚑

0

ARTLAS – Apache Real Time Logs Analyzer System

https://www.ispeech.org

ChangeLog

-Added CEF for syslog and SIEM
-Added option to connect in syslog servers or SIEM’s
-Added Zabbix integration with differents triggers
-Code review added class structure
-Added vhost capability
-Added verbose outup enabled
-Zabbix Notifications bugs fixed

Supported Output

Zabbix Version 2.4 and 3.0
SySlog
SIEM
Telegram

Supported web servers

Apache
Apache vHost
Nginx
Nginx vHost

Installation

Clone project
git clone https://github.com/mthbernardes/ARTLAS.git

Install dependencies
pip install -r dependencies.txt
python version 2.7.11(lastet)

Install screen
sudo apt-get install screen #Debian Like
sbopkg -i screen    # Slackware 14.*
yum install screen # CentOS/RHEL   
dnf install screeen  # Fedora

screen tutorial [pt_Br]

Configuration

All your configurations will be made in etc/artlas.conf file.

TELEGRAM INTEGRATION
[Telegram]
api = Your Token API
group_id = Group/User ID that will receive the notifications
enable = True to send notificantions or False to not send.
[adsense size='1']
ZABBIX CONFIGURATION
[Zabbix]
server_name = hostname of the server in zabbix
agentd_config = Zabbix agent configuration file
enable_advantage_keys = True or False to use advanced triggers
notifications = true to enable  or false to disable triggers notifications
enable = true to enable  or false to disable

SYSLOG/SIEM CONFIGURATION
[CEF_Syslog]
server_name = IP or Hostname SySlog/SIEM server
enable = True or False to enable

GENERAL CONFIGURATION
[General]
apache_log = Full path apache access.log
apache_mask = Mask to identify the fields in the apache access log
vhost_enable = True to enable  or False to disable vhosts
rules = etc/default_filter.json It's the file that contains the OWASP filter [Do not Change]

How to start

screen -S artlas
python artlas.py
CTRL+A+D

Team

Matheus Bernardes a.k.a. G4mbler
Henrique Gonçalves a.k.a. Kamus Hadenes
André Déo