Open fzipi opened 1 year ago
Are the slides online already? Can you elaborate otherwise?
I don't know the scope, but I'd LOVE if we had a tutorial for (centralized) log management!
This would be really great to see. I would definitely like to read this content as I want to learn how to perform this kind of logging/aggregation.
The context of the original proposal was: there is a lack of comprehensive, good documentation available on how to plug CRS+ModSecurity into systems like OpenSearch (formerly Kibana) and others.
Some vendors have their own proprietary solutions or internal/pay-walled documentation. There are some scattered guides available on the public internet, but I've not come across one that's complete or easy to follow.
It would be great if CRS could provide an A to Z, easy to follow, complete guide on how to do something along these lines. We've raised the idea before (coreruleset.org/docs/operation/log_handling/), but we've never had the knowledge and time to do anything about it.
What we need:
I could not agree more. I've had this conversation with customers repeatedly for many, many years.
My current work on dashboards brings me closer to this, but it's the essential part that is missing. Still miles away from this central piece.
Shall we start a Google Doc on this?
@RedXanadu's presentation at our CRS Dublin 2023 summit proposed interesting questions. One idea was to add information about how to do logging, what is important, etc.